Lucene search

[email protected]CVE-2012-3052

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-3052

2022-10-0316:15:23

[email protected]

web.nvd.nist.gov

cve-2012-3052

cisco vpn client

vulnerability

untrusted search path

bug id cscua28747

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747.

Affected configurations

NVD

Node

ciscovpn_clientMatch5.0

ciscovpn_clientMatch5.0.01

ciscovpn_clientMatch5.0.01.0600

ciscovpn_clientMatch5.0.2

ciscovpn_clientMatch5.0.02.0090

ciscovpn_clientMatch5.0.2.0090

ciscovpn_clientMatch5.0.03.0530

ciscovpn_clientMatch5.0.03.0560

ciscovpn_clientMatch5.0.04.0300

ciscovpn_clientMatch5.0.5

ciscovpn_clientMatch5.0.05.0290

ciscovpn_clientMatch5.0.6

ciscovpn_clientMatch5.0.06.0160

ciscovpn_clientMatch5.0.7

ciscovpn_clientMatch5.0.07.0290

ciscovpn_clientMatch5.0.07.0410

ciscovpn_clientMatch5.0.07.0440

CPENameOperatorVersion
cisco:vpn_clientcisco vpn clienteq5.0
cisco:vpn_clientcisco vpn clienteq5.0.01
cisco:vpn_clientcisco vpn clienteq5.0.01.0600
cisco:vpn_clientcisco vpn clienteq5.0.2
cisco:vpn_clientcisco vpn clienteq5.0.02.0090
cisco:vpn_clientcisco vpn clienteq5.0.2.0090
cisco:vpn_clientcisco vpn clienteq5.0.03.0530
cisco:vpn_clientcisco vpn clienteq5.0.03.0560
cisco:vpn_clientcisco vpn clienteq5.0.04.0300
cisco:vpn_clientcisco vpn clienteq5.0.5

CPE	Name	Operator	Version
cisco:vpn_client	cisco vpn client	eq	5.0
cisco:vpn_client	cisco vpn client	eq	5.0.01
cisco:vpn_client	cisco vpn client	eq	5.0.01.0600
cisco:vpn_client	cisco vpn client	eq	5.0.2
cisco:vpn_client	cisco vpn client	eq	5.0.02.0090
cisco:vpn_client	cisco vpn client	eq	5.0.2.0090
cisco:vpn_client	cisco vpn client	eq	5.0.03.0530
cisco:vpn_client	cisco vpn client	eq	5.0.03.0560
cisco:vpn_client	cisco vpn client	eq	5.0.04.0300
cisco:vpn_client	cisco vpn client	eq	5.0.5

Rows per page:

1-10 of 171

References

www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2012-3052

nvd1 cvelist1 prion1 nessus1