CVE-2014-3390

Cisco Adaptive Security Appliance Software 8.7-9.3 - Local Privilege Escalation via Crafted Script

Title source: llm
STIX 2.1

Description

The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574.

References (1)

Core 1
Core References

Scores

EPSS 0.0035
EPSS Percentile 27.0%

Details

CWE
CWE-20
Status published
Products (12)
cisco/adaptive_security_appliance_software 8.7.8
cisco/adaptive_security_appliance_software 8.7.1
cisco/adaptive_security_appliance_software 8.7.1.3
cisco/adaptive_security_appliance_software 8.7.1.4
cisco/adaptive_security_appliance_software 8.7.1.7
cisco/adaptive_security_appliance_software 8.7.1.11
cisco/adaptive_security_appliance_software 8.7.1.13
cisco/adaptive_security_appliance_software 9.2.1
cisco/adaptive_security_appliance_software 9.2.2
cisco/adaptive_security_appliance_software 9.2.2.4
... and 2 more
Published Oct 10, 2014
Tracked Since Feb 18, 2026