CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6305

Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.057

EPSS Ranking 89.8%

CVSS Severity

CVSS v2 Score 7.2

References

Products affected by CVE-2015-6305

Cisco » Anyconnect Secure Mobility Client » Version: 2.0.0343

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0.0343
Cisco » Anyconnect Secure Mobility Client » Version: 2.1.0.148

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1.0.148
Cisco » Anyconnect Secure Mobility Client » Version: 2.2.0133

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0133
Cisco » Anyconnect Secure Mobility Client » Version: 2.2.0136

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0136
Cisco » Anyconnect Secure Mobility Client » Version: 2.2.0140

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0140
Cisco » Anyconnect Secure Mobility Client » Version: 2.3.0185

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0185
Cisco » Anyconnect Secure Mobility Client » Version: 2.3.0254

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0254
Cisco » Anyconnect Secure Mobility Client » Version: 2.3.1003

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.1003
Cisco » Anyconnect Secure Mobility Client » Version: 2.3.2016

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016
Cisco » Anyconnect Secure Mobility Client » Version: 2.4.0202

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202
Cisco » Anyconnect Secure Mobility Client » Version: 2.4.1012

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.0217

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.0217
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.2006

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2006
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.2010

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2010
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.2011

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2011
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.2014

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2014
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.2017

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2017
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.2018

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2018
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.2019

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2019
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.3041

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3041
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.3046

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3046
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.3051

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3051
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.3054

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3054
Cisco » Anyconnect Secure Mobility Client » Version: 2.5.3055

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3055
Cisco » Anyconnect Secure Mobility Client » Version: 2.5_base

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5_base
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.0

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.0629

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0629
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.09231

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09231
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.09266

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09266
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.09353

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09353
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.1047

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.1047
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.2052

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.2052
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.3050

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3050
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.3054

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3054
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.4235

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.4235
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.5075

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5075
Cisco » Anyconnect Secure Mobility Client » Version: 3.0.5080

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5080
Cisco » Anyconnect Secure Mobility Client » Version: 3.1(60)

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1(60)
Cisco » Anyconnect Secure Mobility Client » Version: 3.1.0

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.0
Cisco » Anyconnect Secure Mobility Client » Version: 3.1.02043

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.02043
Cisco » Anyconnect Secure Mobility Client » Version: 3.1.05182

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05182
Cisco » Anyconnect Secure Mobility Client » Version: 3.1.05187

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05187
Cisco » Anyconnect Secure Mobility Client » Version: 3.1.06073

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.06073
Cisco » Anyconnect Secure Mobility Client » Version: 3.1.07021

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.07021
Cisco » Anyconnect Secure Mobility Client » Version: 4.0(2049)

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0(2049)
Cisco » Anyconnect Secure Mobility Client » Version: 4.0(48)

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0(48)
Cisco » Anyconnect Secure Mobility Client » Version: 4.0(64)

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0(64)
Cisco » Anyconnect Secure Mobility Client » Version: 4.0.0

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.0
Cisco » Anyconnect Secure Mobility Client » Version: 4.0.00048

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00048
Cisco » Anyconnect Secure Mobility Client » Version: 4.0.00051

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00051
Cisco » Anyconnect Secure Mobility Client » Version: 4.1.0

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.0
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-
Microsoft » Windows » Version: 1.0

cpe:2.3:o:microsoft:windows:1.0
Microsoft » Windows » Version: 2.0

cpe:2.3:o:microsoft:windows:2.0
Microsoft » Windows » Version: 2000

cpe:2.3:o:microsoft:windows:2000
Microsoft » Windows » Version: 3.0

cpe:2.3:o:microsoft:windows:3.0
Microsoft » Windows » Version: 3.1

cpe:2.3:o:microsoft:windows:3.1
Microsoft » Windows » Version: 3.11

cpe:2.3:o:microsoft:windows:3.11
Microsoft » Windows » Version: server_2008

cpe:2.3:o:microsoft:windows:server_2008
Microsoft » Windows » Version: vista

cpe:2.3:o:microsoft:windows:vista

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6305

Products

Pricing

Contact Us