First discovered in 2014 by researcher Jonathan Claudius, CVE-2014-2120 is a vulnerability caused by insufficient input validation in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software. This flaw could allow an unauthenticated remote attacker to execute an XSS attack against a user by persuading them to access a malicious link. Impact According […]
The post CVE-2014-2120: Ten-year-old Cisco ASA Flaw Exploited In The Wild appeared first on SecPod Blog.