CVEDB API

Vulnerabilities

Vulnerable Software

Cisco: >> Anyconnect Secure Mobility Client >> 3.1.0 Security Vulnerabilities

CVE-2015-0665

The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.

CVSS Score

6.6

EPSS Score

0.001

Published

2015-03-17

CVE-2015-0662

Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation, aka Bug ID CSCus79385.

CVSS Score

7.2

EPSS Score

0.001

Published

2015-03-17

CVE-2013-1172

The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.

CVSS Score

6.6

EPSS Score

0.001

Published

2013-04-11

CVE-2013-1173

Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143.

CVSS Score

6.6

EPSS Score

0.001

Published

2013-04-11

CVE-2012-3088

Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.

CVSS Score

9.3

EPSS Score

0.005

Published

2012-09-16

CVE-2012-3094

The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 on Linux accepts arbitrary X.509 server certificates without user interaction, which allows remote attackers to obtain sensitive information via vectors involving an invalid certificate, aka Bug ID CSCua11967.

CVSS Score

5.0

EPSS Score

0.001

Published

2012-09-16

Page 2

Vulnerabilities

Vulnerable Software

Cisco: >> Anyconnect Secure Mobility Client >> 3.1.0 Security Vulnerabilities

Products

Pricing

Contact Us