Lucene search
CiscoCVE-2015-4289HistoryAug 01, 2015 - 1:59 a.m.
CVE-2015-4289
2015-08-0101:59:14
CWE-22
cisco
web.nvd.nist.gov
44
cve-2015-4289
directory traversal
cisco anyconnect
secure mobility client
remote write vulnerability
configuration attribute
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
41.5%
Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote head-end systems to write to arbitrary files via a crafted configuration attribute, aka Bug ID CSCut93920.
Affected configurations
Node
ciscoanyconnect_secure_mobility_clientMatch4.0\(2049\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | 4.0(2049) | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\(2049\):*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-4289
2015-08-01 01:00:00
nvd
nvd
CVE-2015-4289
2015-08-01 01:59:14
prion
prion
Directory traversal
2015-08-01 01:59:00
cisco
cisco
Cisco AnyConnect Secure Mobilty Client Directory Traversal Vulnerability
2015-07-30 20:36:27
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
41.5%
Related for CVE-2015-4289