CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privileges via crafted vpnagent options, aka Bug ID CSCus86790.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | anyconnect_secure_mobility_client | * | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:*:*:* |
cisco | anyconnect_secure_mobility_client | 4.0(.00048) | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\(.00048\):*:*:*:*:*:*:* |
cisco | anyconnect_secure_mobility_client | 4.0(.00051) | cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\(.00051\):*:*:*:*:*:*:* |