Untrusted Search Path Vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13)
CVE-2014-3391 · MEDIUM Severity
AV:L/AC:L/AU:S/C:C/I:C/A:C
Untrusted search path vulnerability in Cisco ASA Software 8.x before 8.4(3), 8.5, and 8.7 before 8.7(1.13) allows local users to gain privileges by placing a Trojan horse library file in external memory, leading to library use after device reload because of an incorrect LD_LIBRARY_PATH value, aka Bug ID CSCtq52661.
Learn more about our Cis Benchmark Audit For Cisco.