CVE-2014-2126

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software versions 8.2 before 8.2(5.47) Cisco Adaptive Security Appliance (ASA) Software versions 8.4 before 8.4(7.5) Cisco Adaptive Security Appliance (ASA) Software versions 8.7 before 8.7(1.11) Cisco Adaptive Security Appliance (ASA) Software versions 9.0 before 9.0(3.10) Cisco Adaptive Security Appliance (ASA) Software versions 9.1 before 9.1(3.4)

Description The issue allows remote authenticated users to gain privileges by leveraging level-0 ASDM access. This means that users who have already authenticated can potentially elevate their privileges, posing a security risk.

Recommendations For versions 8.2 before 8.2(5.47), update to version 8.2(5.47) or later. For versions 8.4 before 8.4(7.5), update to version 8.4(7.5) or later. For versions 8.7 before 8.7(1.11), update to version 8.7(1.11) or later. For versions 9.0 before 9.0(3.10), update to version 9.0(3.10) or later. For versions 9.1 before 9.1(3.4), update to version 9.1(3.4) or later. As a temporary workaround, consider restricting access to level-0 ASDM to minimize the risk of exploitation.