Cisco AnyConnect Secure Mobility Client < 3.1.10010.0 / 4.0.x < 4.0.4013.0 / 4.1.x < 4.1.4011.0 IPC File Write Vulnerability

medium Nessus Plugin ID 85267

Synopsis

The remote host is affected by an arbitrary file write vulnerability.

Description

The Cisco AnyConnect Secure Mobility Client installed on the remote host is a version prior to 3.1.10010.0, or is version 4.0.x prior to 4.0.4013.0, or version 4.1.x prior to 4.1.4011.0. It is, therefore, affected by a flaw that allows unauthenticated IPC commands to write files. A local, authenticated attacker, using a specially crafted IPC command, can write or overwrite arbitrary files.

Solution

Upgrade to Cisco AnyConnect Secure Mobility Client version 3.1.10010.0 / 4.0.4013.0 / 4.1.4011.0 or later

See Also

https://tools.cisco.com/security/center/viewAlert.x?alertId=37863

Plugin Details

Severity: Medium

ID: 85267

File Name: cisco_anyconnect_CSCus79392.nasl

Version: 1.4

Type: local

Agent: windows

Family: Windows

Published: 8/7/2015

Updated: 7/6/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: Medium

Base Score: 6.6

Temporal Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:C

Vulnerability Information

CPE: cpe:/a:cisco:anyconnect_secure_mobility_client

Required KB Items: SMB/Registry/Enumerated, installed_sw/Cisco AnyConnect Secure Mobility Client

Exploit Ease: No known exploits are available

Patch Publication Date: 7/27/2015

Vulnerability Publication Date: 3/14/2015

Reference Information

CVE: CVE-2015-0663

BID: 73122

CISCO-BUG-ID: CSCus79392