Lucene search

[email protected]CVE-2015-0664

HistoryMar 18, 2015 - 11:59 p.m.

CVE-2015-0664

2015-03-1823:59:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2015-0664

cisco

anyconnect

secure mobility client

vulnerability

bug id

cscus79195

nvd

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.

Affected configurations

NVD

Node

ciscoanyconnect_secure_mobility_clientRange≤4.0\(.00051\)

CPENameOperatorVersion
cisco:anyconnect_secure_mobility_clientcisco anyconnect secure mobility clientle4.0\(.00051\)

CPE	Name	Operator	Version
cisco:anyconnect_secure_mobility_client	cisco anyconnect secure mobility client	le	4.0\(.00051\)

References

tools.cisco.com/security/center/viewAlert.x?alertId=37861

www.securitytracker.com/id/1031932

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2015-0664

cvelist1 prion1 nvd1 cisco1 nessus2 kaspersky1