The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.14), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), and 9.2 before 9.2(2.4) does not properly implement authentication, which allows remote attackers to modify RAMFS customization objects via unspecified vectors, as demonstrated by inserting XSS sequences or capturing credentials, aka Bug ID CSCup36829.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Adaptive_security_appliance_software | Cisco | 8.2 (including) | 8.2 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.0.45 (including) | 8.2.0.45 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.1 (including) | 8.2.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.1.1 (including) | 8.2.1.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.2 (including) | 8.2.2 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.2.10 (including) | 8.2.2.10 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.2.12 (including) | 8.2.2.12 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.2.16 (including) | 8.2.2.16 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.2.17 (including) | 8.2.2.17 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.3 (including) | 8.2.3 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.4 (including) | 8.2.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.4.1 (including) | 8.2.4.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.4.4 (including) | 8.2.4.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5 (including) | 8.2.5 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.13 (including) | 8.2.5.13 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.22 (including) | 8.2.5.22 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.26 (including) | 8.2.5.26 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.33 (including) | 8.2.5.33 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.40 (including) | 8.2.5.40 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.41 (including) | 8.2.5.41 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.46 (including) | 8.2.5.46 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.48 (including) | 8.2.5.48 (including) |
Adaptive_security_appliance_software | Cisco | 8.2.5.50 (including) | 8.2.5.50 (including) |
Adaptive_security_appliance_software | Cisco | 8.3 (including) | 8.3 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.1 (including) | 8.3.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.1.1 (including) | 8.3.1.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.1.4 (including) | 8.3.1.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.1.6 (including) | 8.3.1.6 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2 (including) | 8.3.2 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.4 (including) | 8.3.2.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.13 (including) | 8.3.2.13 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.23 (including) | 8.3.2.23 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.25 (including) | 8.3.2.25 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.31 (including) | 8.3.2.31 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.33 (including) | 8.3.2.33 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.34 (including) | 8.3.2.34 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.37 (including) | 8.3.2.37 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.39 (including) | 8.3.2.39 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.40 (including) | 8.3.2.40 (including) |
Adaptive_security_appliance_software | Cisco | 8.3.2.41 (including) | 8.3.2.41 (including) |
Adaptive_security_appliance_software | Cisco | 8.4 (including) | 8.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.1 (including) | 8.4.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.1.3 (including) | 8.4.1.3 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.1.11 (including) | 8.4.1.11 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.2 (including) | 8.4.2 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.2.1 (including) | 8.4.2.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.2.8 (including) | 8.4.2.8 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.3 (including) | 8.4.3 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.3.8 (including) | 8.4.3.8 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.3.9 (including) | 8.4.3.9 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.4 (including) | 8.4.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.4.1 (including) | 8.4.4.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.4.3 (including) | 8.4.4.3 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.4.5 (including) | 8.4.4.5 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.4.9 (including) | 8.4.4.9 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.5 (including) | 8.4.5 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.5.6 (including) | 8.4.5.6 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.6 (including) | 8.4.6 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.7 (including) | 8.4.7 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.7.3 (including) | 8.4.7.3 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.7.15 (including) | 8.4.7.15 (including) |
Adaptive_security_appliance_software | Cisco | 8.4.7.22 (including) | 8.4.7.22 (including) |
Adaptive_security_appliance_software | Cisco | 8.6 (including) | 8.6 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1 (including) | 8.6.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1.1 (including) | 8.6.1.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1.2 (including) | 8.6.1.2 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1.5 (including) | 8.6.1.5 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1.10 (including) | 8.6.1.10 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1.12 (including) | 8.6.1.12 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1.13 (including) | 8.6.1.13 (including) |
Adaptive_security_appliance_software | Cisco | 8.6.1.14 (including) | 8.6.1.14 (including) |
Adaptive_security_appliance_software | Cisco | 9.0 (including) | 9.0 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.1 (including) | 9.0.1 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.2 (including) | 9.0.2 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.2.10 (including) | 9.0.2.10 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.3 (including) | 9.0.3 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.3.6 (including) | 9.0.3.6 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.3.8 (including) | 9.0.3.8 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.4 (including) | 9.0.4 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.4.1 (including) | 9.0.4.1 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.4.5 (including) | 9.0.4.5 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.4.7 (including) | 9.0.4.7 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.4.17 (including) | 9.0.4.17 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.4.20 (including) | 9.0.4.20 (including) |
Adaptive_security_appliance_software | Cisco | 9.0.4.24 (including) | 9.0.4.24 (including) |
Adaptive_security_appliance_software | Cisco | 9.1 (including) | 9.1 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.1 (including) | 9.1.1 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.1.4 (including) | 9.1.1.4 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.2 (including) | 9.1.2 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.2.8 (including) | 9.1.2.8 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.3 (including) | 9.1.3 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.3.2 (including) | 9.1.3.2 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.4 (including) | 9.1.4 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.5 (including) | 9.1.5 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.5.10 (including) | 9.1.5.10 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.5.12 (including) | 9.1.5.12 (including) |
Adaptive_security_appliance_software | Cisco | 9.1.5.15 (including) | 9.1.5.15 (including) |
Adaptive_security_appliance_software | Cisco | 9.2.0 (including) | 9.2.0 (including) |
Adaptive_security_appliance_software | Cisco | 9.2.1 (including) | 9.2.1 (including) |
Adaptive_security_appliance_software | Cisco | 9.2.2 (including) | 9.2.2 (including) |
Adaptive_security_appliance_software | Cisco | 9.2.2.4 (including) | 9.2.2.4 (including) |
Adaptive_security_appliance_software | Cisco | 9.2.3 (including) | 9.2.3 (including) |