Cisco warns a decade-old vulnerability is back and targeting users




  • A cross-scripting bug plaguing Cisco’s Adaptive Security Appliance is being actively exploited, the company warns
  • The flaw was first discovered a decade ago
  • CISA added it to KEV, and warned federal agencies to patch

Cisco has updated a decade-old advisory to warn users that the ancient vulnerability is now being actively exploited in the wild to spread malware.

Spotted by The Hacker News, the advisory is for a cross-site scripting (XSS) vulnerability affecting the WebVPN login page for the Cisco Adaptive Security Appliance (ASA) Software.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *