Published: 05/10/2017 Updated: 09/10/2019

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Subscribe to Anyconnect Secure Mobility Client

A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local malicious user to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the malicious user to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco anyconnect secure mobility client 4.5\\(822\\)

A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters The vulnerability is due to insufficient NAM policy enforcement An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow mult ...

NVD-CWE-noinfo https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam http://www.securitytracker.com/id/1039507 http://www.securityfocus.com/bid/101157 https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-12268

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect