CVE-2016-6369

EPSS 0.1%
Veröffentlicht 25.08.2016 21:59:05
Zuletzt bearbeitet 06.05.2026 22:30:45
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 6

NVD 52 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Anyconnect Secure Mobility Client Version2.0.0343

Cisco ≫ Anyconnect Secure Mobility Client Version2.1.0148

Cisco ≫ Anyconnect Secure Mobility Client Version2.2.0133

Cisco ≫ Anyconnect Secure Mobility Client Version2.2.0136

Cisco ≫ Anyconnect Secure Mobility Client Version2.2.0140

Cisco ≫ Anyconnect Secure Mobility Client Version2.3.0185

Cisco ≫ Anyconnect Secure Mobility Client Version2.3.0254

Cisco ≫ Anyconnect Secure Mobility Client Version2.3.1003

Cisco ≫ Anyconnect Secure Mobility Client Version2.3.2016

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.0202

Cisco ≫ Anyconnect Secure Mobility Client Version2.4.1012

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.0217

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2006

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2010

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2011

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2014

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2017

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2018

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2019

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3041

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3046

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3051

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3054

Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3055

Cisco ≫ Anyconnect Secure Mobility Client Version2.5_base

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.0

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.0629

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.1047

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.2052

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.3050

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.3054

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.4235

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.5075

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.5080

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.09231

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.09266

Cisco ≫ Anyconnect Secure Mobility Client Version3.0.09353

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.0

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.02043

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.05182

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.05187

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.06073

Cisco ≫ Anyconnect Secure Mobility Client Version3.1.07021

Cisco ≫ Anyconnect Secure Mobility Client Version4.0.0

Cisco ≫ Anyconnect Secure Mobility Client Version4.0.00048

Cisco ≫ Anyconnect Secure Mobility Client Version4.0.00051

Cisco ≫ Anyconnect Secure Mobility Client Version4.1.0

Cisco ≫ Anyconnect Secure Mobility Client Version4.2.0

Cisco ≫ Anyconnect Secure Mobility Client Version4.2.04039

Cisco ≫ Anyconnect Secure Mobility Client Version4.3.0

Cisco ≫ Anyconnect Secure Mobility Client Version4.3.00748

Cisco ≫ Anyconnect Secure Mobility Client Version4.3.01095

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.1%	0.246

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160824-anyconnect

Vendor Advisory

http://www.securityfocus.com/bid/92625

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1036697

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-6369

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-6369

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-6369

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2016-6369