CVE-2014-3390
Cisco Adaptive Security Appliance Software 8.7-9.3 - Local Privilege Escalation via Crafted Script
Title source: llmDescription
The Virtual Network Management Center (VNMC) policy implementation in Cisco ASA Software 8.7 before 8.7(1.14), 9.2 before 9.2(2.8), and 9.3 before 9.3(1.1) allows local users to obtain Linux root access by leveraging administrative privileges and executing a crafted script, aka Bug IDs CSCuq41510 and CSCuq47574.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa
Scores
EPSS
0.0035
EPSS Percentile
27.0%
Details
CWE
CWE-20
Status
published
Products (12)
cisco/adaptive_security_appliance_software
8.7.8
cisco/adaptive_security_appliance_software
8.7.1
cisco/adaptive_security_appliance_software
8.7.1.3
cisco/adaptive_security_appliance_software
8.7.1.4
cisco/adaptive_security_appliance_software
8.7.1.7
cisco/adaptive_security_appliance_software
8.7.1.11
cisco/adaptive_security_appliance_software
8.7.1.13
cisco/adaptive_security_appliance_software
9.2.1
cisco/adaptive_security_appliance_software
9.2.2
cisco/adaptive_security_appliance_software
9.2.2.4
... and 2 more
Published
Oct 10, 2014
Tracked Since
Feb 18, 2026