Lucene search

[email protected]NVD:CVE-2015-0664

HistoryMar 18, 2015 - 11:59 p.m.

CVE-2015-0664

2015-03-1823:59:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.

Affected configurations

Nvd

Node

ciscoanyconnect_secure_mobility_clientRange≤4.0\(.00051\)

VendorProductVersionCPE
ciscoanyconnect_secure_mobility_client*cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	anyconnect_secure_mobility_client	*	cpe:2.3:a:cisco:anyconnect_secure_mobility_client::::::::

References

tools.cisco.com/security/center/viewAlert.x?alertId=37861

www.securitytracker.com/id/1031932

CVSS2

4.3

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2015-0664

cvelist1 cisco1 prion1 cve1 nessus2 kaspersky1