Lucene search
HistoryAug 01, 2015 - 1:59 a.m.
CVE-2015-4289
cve-2015-4289
directory traversal
cisco anyconnect
secure mobility client
remote write vulnerability
configuration attribute
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.5%
Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920.
Affected configurations
Node
ciscoanyconnect_secure_mobility_clientMatch4.0\(2049\)
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:anyconnect_secure_mobility_client | cisco anyconnect secure mobility client | eq | 4.0\(2049\) |
Related
cvelist
cvelist
CVE-2015-4289
2015-08-01 01:00:00
nvd
nvd
CVE-2015-4289
2015-08-01 01:59:14
nessus
nessus
cisco
cisco
Cisco AnyConnect Secure Mobilty Client Directory Traversal Vulnerability
2015-07-30 20:36:27
prion
prion
Directory traversal
2015-08-01 01:59:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
6.8 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.5%
Related for CVE-2015-4289