14 matches found
CVE-2021-1519
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient validation of user-supplied input. An attacker...
CVE-2021-1519
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient validation of user-supplied input. An attacker...
Input validation
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. The vulnerability is due to insufficient validation of user-supplied input. An attacker...
CVE-2021-1519
Cisco AnyConnect Secure Mobility Client contains a vulnerability in its interprocess communication (IPC) channel (CVE-2021-1519). The issue stems from insufficient validation of user-supplied input, allowing an authenticated, local attacker to send a crafted IPC message and modify VPN profile fil...
Cisco AnyConnect Secure Mobility Client 输入验证错误漏洞
Cisco AnyConnect Secure Mobility Client for Windows is a Windows-based secure mobility client from Cisco that provides secure access to networks and applications from any device. An input validation error vulnerability exists in the interprocess communication IPC channel of Cisco AnyConnect Secur...
CVE-2020-3435
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on th...
CVE-2020-3435
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on th...
Input validation
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on th...
CVE-2020-3435 Cisco AnyConnect Secure Mobility Client for Windows Profile Modification Vulnerability
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on th...
Cisco AnyConnect Secure Mobility Client for Windows Profile Modification (cisco-sa-anyconnect-profile-7u3PERKF)
According to its self-reported version, Cisco AnyConnect Secure Mobility Client is affected by a vulnerability in the interprocess communication IPC channel due to insufficient validation of user-supplied input. An authenticated, local attacker can exploit this, by sending a crafted IPC message t...
Cisco AnyConnect Secure Mobility Client for Windows Profile Modification Vulnerability
A vulnerability in the interprocess communication IPC channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on th...
August 2014 MDM client update in Windows RT 8.1 and Windows 8.1
August 2014 MDM client update in Windows RT 8.1 and Windows 8.1 Symptoms Issue 1 Assume that you install a Windows Store app, such as Microsoft OneNote, through Mobile Device Manager MDM in Windows RT 8.1 or Windows 8.1. In this situation, the app cannot be updated through Windows Store...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the XML-RPC API in the Desktop Client in OpenVPN Access Server 1.5.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 disconnecting established VPN sessions, 2 connect to arbitrary VPN...
CVE-2014-9104
CVE-2014-9104 covers CSRF vulnerabilities in the XML-RPC API of the OpenVPN Access Server Desktop Client (versions up to 1.5.6). The issues allow an attacker to hijack administrator authentication and perform actions via crafted API requests, including disconnecting VPN sessions, connecting to ar...