Cisco AnyConnect Secure Mobility Client 2.x < 3.1.13015.0 / 4.x < 4.2.1035.0 Arbitrary File Manipulation

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by an arbitrary file manipulation
vulnerability.

Description :

The Cisco AnyConnect Secure Mobility Client installed on the remote
host is version 2.x or 3.x prior to 3.1.13015.0 or 4.x prior to
4.2.1035.0. It is, therefore, affected by an arbitrary file
manipulation vulnerability due to missing source path validation in
interprocess communication (IPC) commands. A local attacker can
exploit this, via crafted IPC messages, to move arbitrary files with
elevated privileges, resulting in a loss of integrity and a denial of
service condition.

See also :

http://www.nessus.org/u?20e0379d
https://tools.cisco.com/bugsearch/bug/CSCuv48563

Solution :

Upgrade to Cisco AnyConnect Secure Mobility Client version
3.1.13015.0 / 4.2.1035.0 or later.

Risk factor :

Medium / CVSS Base Score : 6.6
(CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 87894

Bugtraq ID: 77055

CVE ID: CVE-2015-6322
