Lucene search

[email protected]CVE-2015-0665

HistoryMar 17, 2015 - 2:01 a.m.

CVE-2015-0665

2015-03-1702:01:49

CWE-22

[email protected]

web.nvd.nist.gov

cisco

anyconnect

secure mobility client

hostscan

cve-2015-0665

nvd

bug id cscus79173

6.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.9%

JSON

The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.

Affected configurations

NVD

Node

ciscoanyconnect_secure_mobility_clientRange≤4.0\(.00051\)

CPENameOperatorVersion
cisco:anyconnect_secure_mobility_clientcisco anyconnect secure mobility clientle4.0\(.00051\)

CPE	Name	Operator	Version
cisco:anyconnect_secure_mobility_client	cisco anyconnect secure mobility client	le	4.0\(.00051\)

References

tools.cisco.com/security/center/viewAlert.x?alertId=37862

www.securitytracker.com/id/1031931

6.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.9%

JSON

Related for CVE-2015-0665

prion1 cisco1 cvelist1 nvd1 nessus2 kaspersky1