8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
8.6 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link while establishing a VPN session. A successful exploit could allow the attacker to execute arbitrary script code in the browser or access sensitive, browser-based information, including a valid SAML token. The attacker could then use the token to establish a remote access VPN session with the privileges of the affected user. Individual hosts and services behind the VPN headend would still need additional credentials for successful access.
[
{
"vendor": "Cisco",
"product": "Cisco Secure Client",
"versions": [
{
"version": "4.9.00086",
"status": "affected"
},
{
"version": "4.9.01095",
"status": "affected"
},
{
"version": "4.9.02028",
"status": "affected"
},
{
"version": "4.9.03047",
"status": "affected"
},
{
"version": "4.9.03049",
"status": "affected"
},
{
"version": "4.9.04043",
"status": "affected"
},
{
"version": "4.9.04053",
"status": "affected"
},
{
"version": "4.9.05042",
"status": "affected"
},
{
"version": "4.9.06037",
"status": "affected"
},
{
"version": "4.10.00093",
"status": "affected"
},
{
"version": "4.10.01075",
"status": "affected"
},
{
"version": "4.10.02086",
"status": "affected"
},
{
"version": "4.10.03104",
"status": "affected"
},
{
"version": "4.10.04065",
"status": "affected"
},
{
"version": "4.10.04071",
"status": "affected"
},
{
"version": "4.10.05085",
"status": "affected"
},
{
"version": "4.10.05095",
"status": "affected"
},
{
"version": "4.10.05111",
"status": "affected"
},
{
"version": "4.10.06079",
"status": "affected"
},
{
"version": "4.10.06090",
"status": "affected"
},
{
"version": "4.10.07061",
"status": "affected"
},
{
"version": "4.10.07062",
"status": "affected"
},
{
"version": "4.10.07073",
"status": "affected"
},
{
"version": "5.0.00238",
"status": "affected"
},
{
"version": "5.0.00529",
"status": "affected"
},
{
"version": "5.0.00556",
"status": "affected"
},
{
"version": "5.0.01242",
"status": "affected"
},
{
"version": "5.0.02075",
"status": "affected"
},
{
"version": "5.0.03072",
"status": "affected"
},
{
"version": "5.0.03076",
"status": "affected"
},
{
"version": "5.0.04032",
"status": "affected"
},
{
"version": "5.0.05040",
"status": "affected"
},
{
"version": "5.1.0.136",
"status": "affected"
},
{
"version": "5.1.1.42",
"status": "affected"
}
]
}
]
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
8.6 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%