CVE-2014-3399
N/A
N/A
Summary
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35989
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3399
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=35989
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3399
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.