Security for everyone

CVE-2014-2128 Scanner

Detects 'Authentication Bypass' vulnerability in Cisco Adaptive Security Appliance (ASA) Software affects v. 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2).


Short Info




Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2014-2128 Scanner Detail

Cisco Adaptive Security Appliance (ASA) Software is a security software developed by Cisco Systems, Inc. for different purposes such as providing a secure VPN (Virtual Private Network) connection between remote users and the organization's network, protecting against unauthorized access to and from the network, and providing firewall services. The software has been widely used by organizations of all sizes to ensure their network's security and to manage their traffic efficiently, making it one of the most dependable security solutions for businesses.

CVE-2014-2128 is a vulnerability detected in Cisco ASA Software. This vulnerability could enable remote attackers to bypass authentication by exploiting the software's SSL VPN implementation in versions 8.2 before 8.2(5.47), 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2). Attackers can leverage an unauthenticated session, with complete access to the targeted web application, by either using a crafted cookie within modified HTTP POST data or by sending a malicious URL.

Exploiting CVE-2014-2128 can lead to significant risks for organizations. Attackers can gain unauthorized access to sensitive data, cause denial-of-service (DoS) attacks, exfiltrate sensitive data, or escalate their privileges to gain further control over the targeted system. Organizations may also suffer from reputational damage, regulatory fines, and lawsuits if the attackers exploit the vulnerability to steal sensitive data or cause other disruptions.

Thanks to the advanced features of the platform, network administrators and security managers can stay ahead of such vulnerabilities. The platform provides comprehensive vulnerability scanning, configuration assessments, and application penetration testing services to detect vulnerabilities in digital assets, including web applications, network infrastructure, and cloud environments. With, organizations can proactively identify and mitigate security risks before they can cause any damage, ensuring robust security of their digital assets.



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture