Threat Advisories - NVD Disclosed March 19, 2014

CVE-2014-2120

Cisco ASA WebVPN Cross-Site Scripting Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A cross-site scripting vulnerability in Cisco Adaptive Security Appliance Software's WebVPN login page allows remote attackers to inject arbitrary web script or HTML. This can affect system integrity and user sessions, posing a business risk to organizations.

NVD published: March 19, 2014 • CISA KEV