← back
CVE-2019-1944

Cisco Adaptive Security Appliance Smart Tunnel Vulnerabilities

CVSS 6.7 MEDIUMEPSS 0.3%CWE-20
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.7EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
07 Aug 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established. For more information about these vulnerabilities, see the Details section of this security advisory.
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H