Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0663

Overview

Vulnerability Score 6.6 6.6
CVE Id CVE-2015-0663
Last Modified 23 Mar 2015 10:02:14
Published 16 Mar 2015 10:01:49
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2015-0663

Summary

Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages, aka Bug ID CSCus79392.

Vulnerable Systems

Application

  • Cisco Anyconnect Secure Mobility Client 4.0%28.00051%29


References

CISCO - 20150314 Cisco AnyConnect Secure Mobility Client Arbitrary File Write Vulnerability

SECTRACK - 1031930


Last Updated: 27 May 2016 11:08:10