Lucene search
HistoryNov 04, 2013 - 4:55 p.m.
CVE-2013-5559
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.833
Percentile
98.5%
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
Affected configurations
Node
ciscoanyconnect_secure_mobility_clientMatch2.0
ORciscoanyconnect_secure_mobility_clientMatch2.1
ORciscoanyconnect_secure_mobility_clientMatch2.2
ORciscoanyconnect_secure_mobility_clientMatch2.2.128
ORciscoanyconnect_secure_mobility_clientMatch2.2.133
ORciscoanyconnect_secure_mobility_clientMatch2.2.136
ORciscoanyconnect_secure_mobility_clientMatch2.2.140
ORciscoanyconnect_secure_mobility_clientMatch2.3
ORciscoanyconnect_secure_mobility_clientMatch2.3.185
ORciscoanyconnect_secure_mobility_clientMatch2.3.254
ORciscoanyconnect_secure_mobility_clientMatch2.3.2016
ORciscoanyconnect_secure_mobility_clientMatch2.4
ORciscoanyconnect_secure_mobility_clientMatch2.4symbian_os
ORciscoanyconnect_secure_mobility_clientMatch2.4.0202
ORciscoanyconnect_secure_mobility_clientMatch2.4.1012
ORciscoanyconnect_secure_mobility_clientMatch2.4.4004iphone_os
ORciscoanyconnect_secure_mobility_clientMatch2.4.4014iphone_os
ORciscoanyconnect_secure_mobility_clientMatch2.4.5004symbian_os
ORciscoanyconnect_secure_mobility_clientMatch2.4.7030android
ORciscoanyconnect_secure_mobility_clientMatch2.4.7073android
ORciscoanyconnect_secure_mobility_clientMatch2.5
ORciscoanyconnect_secure_mobility_clientMatch2.5.0217
ORciscoanyconnect_secure_mobility_clientMatch2.5.1025
ORciscoanyconnect_secure_mobility_clientMatch2.5.2001
ORciscoanyconnect_secure_mobility_clientMatch2.5.2006
ORciscoanyconnect_secure_mobility_clientMatch2.5.2010
ORciscoanyconnect_secure_mobility_clientMatch2.5.2011
ORciscoanyconnect_secure_mobility_clientMatch2.5.2014
ORciscoanyconnect_secure_mobility_clientMatch2.5.2017
ORciscoanyconnect_secure_mobility_clientMatch2.5.2018
ORciscoanyconnect_secure_mobility_clientMatch2.5.2019
ORciscoanyconnect_secure_mobility_clientMatch2.5.3041
ORciscoanyconnect_secure_mobility_clientMatch2.5.3046
ORciscoanyconnect_secure_mobility_clientMatch2.5.3051
ORciscoanyconnect_secure_mobility_clientMatch2.5.3054
ORciscoanyconnect_secure_mobility_clientMatch2.5.3055
ORciscoanyconnect_secure_mobility_clientMatch2.5.5112iphone_os
ORciscoanyconnect_secure_mobility_clientMatch2.5.5116android
ORciscoanyconnect_secure_mobility_clientMatch2.5.5118android
ORciscoanyconnect_secure_mobility_clientMatch2.5.5125android
ORciscoanyconnect_secure_mobility_clientMatch2.5.5130iphone_os
ORciscoanyconnect_secure_mobility_clientMatch2.5.5131android
ORciscoanyconnect_secure_mobility_clientMatch2.5.6005
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | 2.0 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.1 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.2 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.2.128 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.2.133 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.2.136 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.2.140 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.3 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.3.185 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:* |
| cisco | anyconnect_secure_mobility_client | 2.3.254 | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:* |
Related
prion
prion
Buffer overflow
2013-11-04 16:55:00
nessus
nessus
cvelist
cvelist
CVE-2013-5559
2013-11-04 15:00:00
cve
cve
CVE-2013-5559
2013-11-04 16:55:05
cisco
cisco
Cisco AnyConnect Secure Mobility Client VPNAPI COM Buffer Overflow Vulnerability
2013-11-04 18:25:17
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.833
Percentile
98.5%
Related for NVD:CVE-2013-5559