CVE-2014-3391

medium

Cisco

CVSS v3 Base Score

6.8

AV:L/AC:L/Au:S/C:C/I:C/A:C

EPSS Score

0.1%

Exploitation probability in 30 days

Top 74% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: October 10, 2014 (4234 days ago)

Last Modified: May 6, 2026

Vendor: Cisco

Source: NVD

Description

Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload because of an incorrect LD_LIBRARY_PATH value, aka Bug ID CSCtq52661.

CWE

CWE-20

Affected Products

cisco adaptive security appliance software

References

🔗 tools.cisco.com 🔗 tools.cisco.com

CVE-2014-3391

Vulnerability Report

Description

CWE

Affected Products

References