Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2041

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2011-2041
Last Modified 06 Sep 2011 11:16:54
Published 02 Jun 2011 04:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2011-2041

Summary

The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556.

Vulnerable Systems

Application

  • Cisco Anyconnect Secure Mobility Client 2.0

  • Cisco Anyconnect Secure Mobility Client 2.1

  • Cisco Anyconnect Secure Mobility Client 2.2

  • Cisco Anyconnect Secure Mobility Client 2.2.128

  • Cisco Anyconnect Secure Mobility Client 2.2.133

  • Cisco Anyconnect Secure Mobility Client 2.2.136

  • Cisco Anyconnect Secure Mobility Client 2.2.140

  • Cisco Anyconnect Secure Mobility Client 2.3

  • Cisco Anyconnect Secure Mobility Client 2.3.185

  • Cisco Anyconnect Secure Mobility Client 2.3.2016


References

SECTRACK - 1025591

BID - 48077

CISCO - 20110601 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client

OSVDB - 72716


Last Updated: 27 May 2016 10:56:53