Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anyconnect anyconnect vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4148
Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
Anyconnect Anyconnect
NA
CVE-2015-6322
The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 up to and including 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563.
Cisco Anyconnect Secure Mobility Client 2.3.0254
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.3055
Cisco Anyconnect Secure Mobility Client 3.0.4235
Cisco Anyconnect Secure Mobility Client 3.0.5080
Cisco Anyconnect Secure Mobility Client 3.1.05187
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5 Base
Cisco Anyconnect Secure Mobility Client 2.5.0217
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.1047
Cisco Anyconnect Secure Mobility Client 3.0.2052
Cisco Anyconnect Secure Mobility Client 3.0.3050
Cisco Anyconnect Secure Mobility Client 3.1\\(60\\)
Cisco Anyconnect Secure Mobility Client 4.0.0
7.8
CVSSv3
CVE-2016-6369
Cisco AnyConnect Secure Mobility Client prior to 4.2.05015 and 4.3.x prior to 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 3.0.1047
Cisco Anyconnect Secure Mobility Client 2.0.0343
Cisco Anyconnect Secure Mobility Client 2.3.0185
Cisco Anyconnect Secure Mobility Client 2.3.1003
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 3.0.3054
Cisco Anyconnect Secure Mobility Client 3.0.09266
Cisco Anyconnect Secure Mobility Client 3.1.05182
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
Cisco Anyconnect Secure Mobility Client 4.2.04039
Cisco Anyconnect Secure Mobility Client 4.3.00748
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.5.2018
Cisco Anyconnect Secure Mobility Client 2.5.2019
Cisco Anyconnect Secure Mobility Client 2.5.3041
Cisco Anyconnect Secure Mobility Client 2.5.3046
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.3054
7.8
CVSSv3
CVE-2017-3813
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local malicious user to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient i...
Cisco Anyconnect Secure Mobility Client 4.1.08005
Cisco Anyconnect Secure Mobility Client 4.2.04039
Cisco Anyconnect Secure Mobility Client 4.0.00052
Cisco Anyconnect Secure Mobility Client 4.0.00061
Cisco Anyconnect Secure Mobility Client 4.2.00096
Cisco Anyconnect Secure Mobility Client 4.2.01022
Cisco Anyconnect Secure Mobility Client 4.3.00748
Cisco Anyconnect Secure Mobility Client 4.3.01095
Cisco Anyconnect Secure Mobility Client 4.2.05015
Cisco Anyconnect Secure Mobility Client 4.2.06014
Cisco Anyconnect Secure Mobility Client 4.0.00057
Cisco Anyconnect Secure Mobility Client 4.0.00048
Cisco Anyconnect Secure Mobility Client 4.1.00028
Cisco Anyconnect Secure Mobility Client 4.1.02011
Cisco Anyconnect Secure Mobility Client 4.2.01035
Cisco Anyconnect Secure Mobility Client 4.2.02075
Cisco Anyconnect Secure Mobility Client 4.3.02039
Cisco Anyconnect Secure Mobility Client 4.3.03086
Cisco Anyconnect Secure Mobility Client 4.1.04011
Cisco Anyconnect Secure Mobility Client 4.1.06013
Cisco Anyconnect Secure Mobility Client 4.1.06020
Cisco Anyconnect Secure Mobility Client 4.2.03013
1 EDB exploit
NA
CVE-2013-5559
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote malicious users to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.4.5004
Cisco Anyconnect Secure Mobility Client 2.4.7030
Cisco Anyconnect Secure Mobility Client 2.4.7073
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 2.5.3054
Cisco Anyconnect Secure Mobility Client 2.5.3055
Cisco Anyconnect Secure Mobility Client 2.5.5112
Cisco Anyconnect Secure Mobility Client 2.5.5116
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.3.185
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.4.4004
Cisco Anyconnect Secure Mobility Client 2.5.1025
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.3041
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.5118
Cisco Anyconnect Secure Mobility Client 2.5.5130
7.8
CVSSv3
CVE-2016-9192
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local malicious user to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSC...
Cisco Anyconnect Secure Mobility Client 3.1\\(60\\)
Cisco Anyconnect Secure Mobility Client 4.0\\(64\\)
Cisco Anyconnect Secure Mobility Client 4.0.00048
Cisco Anyconnect Secure Mobility Client 3.1.05187
Cisco Anyconnect Secure Mobility Client 3.1.06073
Cisco Anyconnect Secure Mobility Client 4.0.00051
Cisco Anyconnect Secure Mobility Client 4.0\\(48\\)
Cisco Anyconnect Secure Mobility Client 4.3.00748
Cisco Anyconnect Secure Mobility Client 4.1\\(8\\)
Cisco Anyconnect Secure Mobility Client 4.3.01095
Cisco Anyconnect Secure Mobility Client 4.2.04039
Cisco Anyconnect Secure Mobility Client 3.1.07021
Cisco Anyconnect Secure Mobility Client 4.0\\(2049\\)
Cisco Anyconnect Secure Mobility Client 3.1.05182
Cisco Anyconnect Secure Mobility Client 3.1.02043
Cisco Anyconnect Secure Mobility Client 4.1.0
Cisco Anyconnect Secure Mobility Client 4.0.0
Cisco Anyconnect Secure Mobility Client 4.2.0
Cisco Anyconnect Secure Mobility Client 3.1.0
Cisco Anyconnect Secure Mobility Client 4.3.0
1 Github repository
NA
CVE-2013-1172
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.
Cisco Anyconnect Secure Mobility Client 3.0.5075
Cisco Anyconnect Secure Mobility Client 2.0
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.5.2018
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.5.2014
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 2.5.5118
Cisco Anyconnect Secure Mobility Client 2.5.5125
Cisco Anyconnect Secure Mobility Client 2.4.7073
Cisco Anyconnect Secure Mobility Client 2.5.5116
Cisco Anyconnect Secure Mobility Client 2.5.2006
Cisco Anyconnect Secure Mobility Client 2.5.2001
Cisco Anyconnect Secure Mobility Client 2.5.1025
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client -
Cisco Anyconnect Secure Mobility Client 2.5.3054
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.3.254
Cisco Anyconnect Secure Mobility Client 2.3.185
NA
CVE-2013-1173
Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143.
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.6005
Cisco Anyconnect Secure Mobility Client 2.5.3055
Cisco Anyconnect Secure Mobility Client 3.0.08066
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.4.0202
Cisco Anyconnect Secure Mobility Client 2.5
Cisco Anyconnect Secure Mobility Client 2.5.2019
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.1047
Cisco Anyconnect Secure Mobility Client 3.0.2052
Cisco Anyconnect Secure Mobility Client 3.1.00495
Cisco Anyconnect Secure Mobility Client 3.0.08057
Cisco Anyconnect Secure Mobility Client 2.4.5004
Cisco Anyconnect Secure Mobility Client 3.1.0
Cisco Anyconnect Secure Mobility Client 2.2.140
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.2.136
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.5.2010
Cisco Anyconnect Secure Mobility Client 3.0.3050
NA
CVE-2012-2498
Cisco AnyConnect Secure Mobility Client 3.0 up to and including 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle malicious users to spoof servers via a crafted certificate, aka Bug ID CSCtz29197.
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.08057
Cisco Anyconnect Secure Mobility Client 3.0.08066
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client 3.0.07059
NA
CVE-2012-2499
The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 prior to 3.0.08057 does not verify the certificate name in an X.509 certificate, which allows man-in-the-middle malicious users to spoof servers via a crafted certificate, aka Bug ID CSCtz26985.
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client 3.0.07059
Cisco Anyconnect Secure Mobility Client 3.0.0629
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »