Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2015-6305

Published: 26/09/2015 Updated: 12/12/2016
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 up to and including 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco anyconnect secure mobility client 2.0.0343

cisco anyconnect secure mobility client 2.1.0.148

cisco anyconnect secure mobility client 2.2.0133

cisco anyconnect secure mobility client 2.2.0136

cisco anyconnect secure mobility client 2.2.0140

cisco anyconnect secure mobility client 2.3.0185

cisco anyconnect secure mobility client 2.3.0254

cisco anyconnect secure mobility client 2.3.1003

cisco anyconnect secure mobility client 2.3.2016

cisco anyconnect secure mobility client 2.4.0202

cisco anyconnect secure mobility client 2.4.1012

cisco anyconnect secure mobility client 2.5.0217

cisco anyconnect secure mobility client 2.5.2006

cisco anyconnect secure mobility client 2.5.2010

cisco anyconnect secure mobility client 2.5.2011

cisco anyconnect secure mobility client 2.5.2014

cisco anyconnect secure mobility client 2.5.2017

cisco anyconnect secure mobility client 2.5.2018

cisco anyconnect secure mobility client 2.5.2019

cisco anyconnect secure mobility client 2.5.3041

cisco anyconnect secure mobility client 2.5.3046

cisco anyconnect secure mobility client 2.5.3051

cisco anyconnect secure mobility client 2.5.3054

cisco anyconnect secure mobility client 2.5.3055

cisco anyconnect secure mobility client 2.5 base

cisco anyconnect secure mobility client 3.0.0

cisco anyconnect secure mobility client 3.0.0629

cisco anyconnect secure mobility client 3.0.1047

cisco anyconnect secure mobility client 3.0.2052

cisco anyconnect secure mobility client 3.0.3050

cisco anyconnect secure mobility client 3.0.3054

cisco anyconnect secure mobility client 3.0.4235

cisco anyconnect secure mobility client 3.0.5075

cisco anyconnect secure mobility client 3.0.5080

cisco anyconnect secure mobility client 3.0.09231

cisco anyconnect secure mobility client 3.0.09266

cisco anyconnect secure mobility client 3.0.09353

cisco anyconnect secure mobility client 3.1(60)

cisco anyconnect secure mobility client 3.1.0

cisco anyconnect secure mobility client 3.1.02043

cisco anyconnect secure mobility client 3.1.05182

cisco anyconnect secure mobility client 3.1.05187

cisco anyconnect secure mobility client 3.1.06073

cisco anyconnect secure mobility client 3.1.07021

cisco anyconnect secure mobility client 4.0(48)

cisco anyconnect secure mobility client 4.0(64)

cisco anyconnect secure mobility client 4.0(2049)

cisco anyconnect secure mobility client 4.0.0

cisco anyconnect secure mobility client 4.0.00048

cisco anyconnect secure mobility client 4.0.00051

cisco anyconnect secure mobility client 4.1.0

Exploits

Exploit DB: Cisco AnyConnect Secure Mobility Client 3.1.08009 - Local Privilege Escalation
Source: codegooglecom/p/google-security-research/issues/detail?id=460 Cisco AnyConnect Secure Mobility Client v3108009 Elevation of Privilege Platform: Windows 81 Update, Client version 3108009 (tested on 32 bit only) Class: Elevation of Privilege Summary: The fix for CVE-2015-4211 is insufficient which allows a local application t ...

Github Repositories

https://github.com/goichot/CVE-2020-3153

Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal

CVE-2020-3153 Cisco AnyConnect &lt; 4802042 privilege escalation through path traversal Description The auto-update feature of Cisco AnyConnect is affected by a path traversal vulnerability An attacker can exploit this vulnerability to gain system level privileges For more details, please refer to: the original advisory SSD Advisory my notes Exploit This exploit uses

References

CWE-426http://tools.cisco.com/security/center/viewAlert.x?alertId=41136https://code.google.com/p/google-security-research/issues/detail?id=460http://packetstormsecurity.com/files/133876/Cisco-AnyConnect-Secure-Mobility-Client-3.1.08009-Privilege-Elevation.htmlhttps://www.exploit-db.com/exploits/38289/http://www.securitytracker.com/id/1033643http://seclists.org/fulldisclosure/2015/Sep/80https://nvd.nist.govhttps://github.com/goichot/CVE-2020-3153https://www.exploit-db.com/exploits/38289/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884CVE-2024-6003remotebrute forceinformation disclosureCVE-2024-27801CVE-2024-30078CVE-2024-31870CVE-2024-6042
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook