CVE-2011-2041

2011-06-0220:55:03

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

Percentile

5.1%

JSON

The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556.

Affected configurations

Nvd

Node

ciscoanyconnect_secure_mobility_clientRange≤2.3.2016

ciscoanyconnect_secure_mobility_clientMatch2.0

ciscoanyconnect_secure_mobility_clientMatch2.1

ciscoanyconnect_secure_mobility_clientMatch2.2

ciscoanyconnect_secure_mobility_clientMatch2.2.128

ciscoanyconnect_secure_mobility_clientMatch2.2.133

ciscoanyconnect_secure_mobility_clientMatch2.2.136

ciscoanyconnect_secure_mobility_clientMatch2.2.140

ciscoanyconnect_secure_mobility_clientMatch2.3

ciscoanyconnect_secure_mobility_clientMatch2.3.185

AND

microsoftwindows

microsoftwindows_mobile

VendorProductVersionCPE
ciscoanyconnect_secure_mobility_client*cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.0cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.1cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.2cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.2.128cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.2.133cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.2.136cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.2.140cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.3cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*
ciscoanyconnect_secure_mobility_client2.3.185cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	anyconnect_secure_mobility_client	*	cpe:2.3:a:cisco:anyconnect_secure_mobility_client::::::::
cisco	anyconnect_secure_mobility_client	2.0	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:::::::*
cisco	anyconnect_secure_mobility_client	2.1	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:::::::*
cisco	anyconnect_secure_mobility_client	2.2	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:::::::*
cisco	anyconnect_secure_mobility_client	2.2.128	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:::::::*
cisco	anyconnect_secure_mobility_client	2.2.133	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:::::::*
cisco	anyconnect_secure_mobility_client	2.2.136	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:::::::*
cisco	anyconnect_secure_mobility_client	2.2.140	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:::::::*
cisco	anyconnect_secure_mobility_client	2.3	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:::::::*
cisco	anyconnect_secure_mobility_client	2.3.185	cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:::::::*