← voltar
CVE-2014-2127

CVE-2014-2127

23Vexday Risk Score

Corrija em breve. Ela tem exploit funcional público.

ssvc Attendepss 11%
da publicação à arma0 dias
Publicada no NVD10 de abr.
metasploit9 de abr.
probabilidade de exploração
11%top 4% das CVEs
exploração observada
nãonenhuma fonte reporta
Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099.
Produtos afetados
n/a · n/a