PT-2014-5280 · Cisco · Cisco Asa
Published
2014-10-08
·
Updated
2023-08-15
·
CVE-2014-3390
CVSS v2.0
6.8
Medium
| Vector | AV:L/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco ASA Software versions 8.7 before 8.7(1.14)
Cisco ASA Software versions 9.2 before 9.2(2.8)
Cisco ASA Software versions 9.3 before 9.3(1.1)
Description
The issue allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script. There have been disruptions to some systems.
Recommendations
For Cisco ASA Software version 8.7, update to 8.7(1.14) or later.
For Cisco ASA Software version 9.2, update to 9.2(2.8) or later.
For Cisco ASA Software version 9.3, update to 9.3(1.1) or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Asa