Vulnerability Description
Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privileges via crafted vpnagent options, aka Bug ID CSCus86790.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Anyconnect Secure Mobility Client | <= 3.1\(.07021\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39158Vendor Advisory
- http://www.securityfocus.com/bid/74954Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032472Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39158Vendor Advisory
- http://www.securityfocus.com/bid/74954Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032472Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-0761?
CVE-2015-0761 is a vulnerability with a CVSS score of 7.2 (HIGH). Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privilege...
How severe is CVE-2015-0761?
CVE-2015-0761 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0761?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Anyconnect Secure Mobility Client.