CVE-2014-2120 — Actively Exploited: Adaptive Security Appliance (ASA) (Cisco)
Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
| CVE ID | CVE-2014-2120 |
|---|---|
| Vendor | Cisco |
| Product | Adaptive Security Appliance (ASA) |
| Vulnerability name | Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability |
| Date added | 2024-11-12 |
| Remediation due | 2024-12-03 |
| Known ransomware use | Unknown |
| Required action | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
| Description | Cisco Adaptive Security Appliance (ASA) contains a cross-site scripting (XSS) vulnerability in the WebVPN login page. This vulnerability allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →