Secure Desktop Security Vulnerabilities and Issues — Secure Desktop CVE List

Lucene search

CiscoSecure Desktop

4 matches found

CVE•added 2010/02/03 6:30 p.m.•55 views

CVE-2010-0440

Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is ...

4.3CVSS5.6AI score0.39315EPSS

CVE•added 2012/06/20 8:55 p.m.•45 views

CVE-2012-2495

The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before 3.6.6020 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by usin...

4.3CVSS6.8AI score0.00215EPSS

CVE•added 2006/11/08 10:7 p.m.•35 views

CVE-2006-5808

The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka "Local Privilege Escalation".

4.6CVSS6.7AI score0.00075EPSS

CVE•added 2006/11/08 10:7 p.m.•31 views

CVE-2006-5807

Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion".

4.6CVSS6.3AI score0.0011EPSS