CVE-2014-2151
Description
The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug ID CSCui04520.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cisco ASA WebVPN portal in versions 8.4(.7.15) and earlier discloses sensitive information to authenticated users via a crafted JavaScript file.
Vulnerability
The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software version 8.4(.7.15) and earlier contains a vulnerability that allows remote authenticated users to obtain sensitive information via a crafted JavaScript file. The issue is identified by Bug ID CSCui04520 [1].
Exploitation
An attacker must have valid credentials to authenticate to the WebVPN portal. The attacker then crafts a JavaScript file that, when processed by the portal, leads to the disclosure of sensitive information. No additional privileges or user interaction beyond authentication are required.
Impact
Successful exploitation results in the disclosure of sensitive information to the authenticated attacker. The exact nature of the information is not specified in the available references, but it is classified as a confidentiality impact.
Mitigation
Cisco has not disclosed a fixed version in the available references. Users should monitor Cisco's security advisories for updates. As of the publication date (2014-06-18), no patch is mentioned.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*Range: <=8.4\(7.15\)
- Range: <=8.4(.7.15)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2151nvdBroken LinkVendor Advisory
- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.securityfocus.com/bid/68063nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1030445nvdBroken LinkThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.