Secure Desktop Security Vulnerabilities and Issues — Secure Desktop CVE List

Lucene search

CiscoSecure Desktop

3 matches found

CVE•added 2010/02/03 6:30 p.m.•55 views

CVE-2010-0440

Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is ...

4.3CVSS5.6AI score0.39315EPSS

CVE•added 2010/04/15 5:30 p.m.•37 views

CVE-2010-0589

The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page, aka Bug ID CSCta25876.

9.3CVSS6.6AI score0.01572EPSS

CVE•added 2010/10/14 5:52 a.m.•30 views

CVE-2009-5008

Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file.

2.1CVSS6.4AI score0.00063EPSS