Cisco ASA Software SharePoint RAMFS Integrity and Lua Injection Vulnerabilities (CSCup54208 and CSCup54184)

medium Nessus Plugin ID 79667

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its banner, the version of Cisco ASA software on the remote device is affected by a vulnerability in its SSL VPN code: session information for the SSL VPN is improperly validated when a SharePoint handler is created. A remote, authenticated attacker can use crafted HTTP requests to overwrite arbitrary files on the RAMFS file system, inject Lua scripts, or cause a denial of service condition.

Solution

Apply the relevant patch referenced in the vendor advisory.

See Also

http://www.nessus.org/u?eadb7d7e

https://tools.cisco.com/security/center/viewAlert.x?alertId=35989

Plugin Details

Severity: Medium

ID: 79667

File Name: cisco-sn-CVE-2014-3399-asa.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 12/2/2014

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:P

Vulnerability Information

CPE: cpe:/a:cisco:adaptive_security_appliance_software

Required KB Items: Host/Cisco/ASA

Exploit Ease: No known exploits are available

Patch Publication Date: 10/6/2014

Vulnerability Publication Date: 10/6/2014

Reference Information

CVE: CVE-2014-3399

BID: 70251

CISCO-BUG-ID: CSCup54184, CSCup54208