6.8
CVE-2007-4415
- EPSS 0.32%
- Veröffentlicht 18.08.2007 21:17:00
- Zuletzt bearbeitet 16.06.2026 22:44:02
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Vpn Client Editionwindows Version <= 5.0.01
Cisco ≫ Vpn Client Version5.0.01.0600
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.32% | 0.23 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 3.1 | 10 |
AV:L/AC:L/Au:S/C:C/I:C/A:C
|
http://secunia.com/advisories/26459
http://securitytracker.com/id?1018573
http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml
http://www.securityfocus.com/bid/25332
http://www.vupen.com/english/advisories/2007/2903
http://securityreason.com/securityalert/3023
http://www.securityfocus.com/archive/1/476812/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/36032