Vulnerability Description
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Anyconnect Secure Mobility Client | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1172Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1172Vendor Advisory
FAQ
What is CVE-2013-1172?
CVE-2013-1172 is a vulnerability with a CVSS score of 6.6 (MEDIUM). The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, a...
How severe is CVE-2013-1172?
CVE-2013-1172 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1172?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Anyconnect Secure Mobility Client.