← ExploitWatch
HomeExploited Vulnerabilities

CVE-2014-2120 — Actively Exploited: Adaptive Security Appliance (ASA) (Cisco)

Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.

CVE IDCVE-2014-2120
VendorCisco
ProductAdaptive Security Appliance (ASA)
Vulnerability nameCisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability
Date added2024-11-12
Remediation due2024-12-03
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionCisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →