Cross-Site Scripting Vulnerability in Cisco ASA 5580 Devices
CVE-2009-4910

Currently unrated

Key Information:

Vendor: Cisco
Status: Asa 5580
Vendor: CVE Published:; 29 June 2010

Summary

The Cisco Adaptive Security Appliance (ASA) 5580 series devices exhibit a cross-site scripting (XSS) vulnerability in the WebVPN portal. This vulnerability allows remote attackers to inject arbitrary web scripts or HTML, potentially leading to malicious exploitations that compromise the integrity and confidentiality of the affected systems. It is found in devices running software versions prior to 8.1(2), highlighting the need for timely updates to safeguard against such vulnerabilities.

References

http://www.cisco.com/en/US/docs/security/asa/asa81/releas...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 29, 2010