The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2014-10-10 03:55
Updated : 2014-10-13 11:48
NVD link : CVE-2014-3390
Mitre link : CVE-2014-3390
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
cisco
- adaptive_security_appliance_software