CVE-2013-1172

EPSS 0.08%
Published 11.04.2013 10:55:02
Last modified 11.04.2025 00:51:21
Source psirt@cisco.com
Teams watchlist Login
Open Login

The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Anyconnect Secure Mobility Client Version-

Cisco ≫ Anyconnect Secure Mobility Client Version2.0

Cisco ≫ Anyconnect Secure Mobility Client Version2.1

Cisco ≫ Anyconnect Secure Mobility Client Version2.2

Cisco ≫ Anyconnect Secure Mobility Client Version2.2.128

Cisco ≫ Anyconnect Secure Mobility Client Version2.2.133

Cisco ≫ Anyconnect Secure Mobility Client Version2.2.136

Cisco ≫ Anyconnect Secure Mobility Client Version2.2.140

Cisco ≫ Anyconnect Secure Mobility Client Version2.3

Cisco ≫ Anyconnect Secure Mobility Client Version2.3.185

Cisco ≫ Anyconnect Secure Mobility Client Version2.3.254

Cisco ≫ Anyconnect Secure Mobility Client Version2.3.2016

Cisco ≫ Anyconnect Secure Mobility Client Version2.4

Cisco ≫ Anyconnect Secure Mobility Client Version2.4 SwPlatformsymbian_os

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.0202

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.1012

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.4004 SwPlatformiphone_os

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.4014 SwPlatformiphone_os

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.5004 SwPlatformsymbian_os

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.7030 SwPlatformandroid

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.7073 SwPlatformandroid

Cisco ≫ Anyconnect Secure Mobility Client Version2.5

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.0217

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.1025

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2001

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2006

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2010

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2011

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2014

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2017

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2018

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2019

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3041

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3046

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3051

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3054

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3055

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5112 SwPlatformiphone_os

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5116 SwPlatformandroid

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5118 SwPlatformandroid

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5125 SwPlatformandroid

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5130 SwPlatformiphone_os

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5131 SwPlatformandroid

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.6005

Cisco ≫ Anyconnect Secure Mobility Client Version3.0

Cisco ≫ Anyconnect Secure Mobility Client Version3.0 HwPlatformx64

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.0629

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.1047

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.2052

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.3050

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.3054

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.4235

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.5075

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.5080

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.07059

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.08057

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.08057 HwPlatformx64

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.08066

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.0

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.00495

Cisco ≫ Anyconnect Secure Mobility Client Version3.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.208

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.6	2.7	10	AV:L/AC:M/Au:S/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1172

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2013-1172

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-1172

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-1172

EUVD