Published: 04/06/2015 Updated: 04/01/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Anyconnect Secure Mobility Client

Cisco AnyConnect Secure Mobility Client prior to 3.1(8009) and 4.x prior to 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privileges via crafted vpnagent options, aka Bug ID CSCus86790.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco anyconnect secure mobility client
cisco anyconnect secure mobility client 4.0\\(.00051\\)
cisco anyconnect secure mobility client 4.0\\(.00048\\)

A vulnerability in the code of Cisco AnyConnect Secure Mobility Client for Linux could allow an authenticated, local attacker to elevate privileges to those of the root user The vulnerability is due to improper implementation of some internal functions An attacker could exploit this vulnerability by accessing the system and calling the vpnagent ...

CWE-264 http://tools.cisco.com/security/center/viewAlert.x?alertId=39158 http://www.securitytracker.com/id/1032472 http://www.securityfocus.com/bid/74954 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150602-CVE-2015-0761

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-0761

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect