CVE-2017-12265
- EPSS 0.17%
- Published 05.10.2017 07:29:00
- Last modified 20.04.2025 01:37:25
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interf...
CVE-2009-1201
- EPSS 4.48%
- Published 25.06.2009 17:30:00
- Last modified 09.04.2025 00:30:58
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-sit...
- EPSS 3.07%
- Published 25.06.2009 17:30:00
- Last modified 09.04.2025 00:30:58
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it ea...
CVE-2009-1202
- EPSS 0.32%
- Published 25.06.2009 17:30:00
- Last modified 09.04.2025 00:30:58
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) at...