Vulnerability Details CVE-2016-6369
Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160824-anyconnect
- http://www.securityfocus.com/bid/92625
- http://www.securitytracker.com/id/1036697
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160824-anyconnect
- http://www.securityfocus.com/bid/92625
- http://www.securitytracker.com/id/1036697
Products affected by CVE-2016-6369
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0.0343
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1.0148
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0133
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0136
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0140
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0185
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0254
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.1003
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.0217
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2006
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2010
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2011
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2014
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2017
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2018
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2019
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3041
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3046
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3051
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3054
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3055
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5_base
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0629
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09231
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09266
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09353
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.1047
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.2052
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3050
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3054
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.4235
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5075
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5080
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1(60)
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.0
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.02043
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05182
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05187
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.06073
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.07021
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0(2049)
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0(48)
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0(64)
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.0
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00048
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00051
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1(8)
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.0
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.0
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.04039
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.0
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.00748
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.01095