Detections
Analytics
Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) IPC Channel Source-path Validation Failure Local File Location Manipulation
medium Log Correlation Engine Plugin ID 801961
Synopsis
Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) IPC channel allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validationDescription
A vulnerability in interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to move arbitrary files with elevated privileges.The vulnerability is due to missing source path validation in certain IPC commands. An attacker could exploit this vulnerability by sending crafted IPC messages. An exploit could allow the attacker to move arbitrary files with elevated privileges, which could affect the integrity of the system and cause a denial of service condition.
Solution
We are not currently aware of a solution for this vulnerability.See Also
https://tools.cisco.com/bugsearch/bug/CSCuv48563
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-asmc
Plugin Details
Severity: Medium
ID: 801961
Family: Generic
Nessus ID: 87894
Vulnerability Information
Vulnerability Publication Date: 10/8/2015
Reference Information
CVE: CVE-2015-6322
BID: 77055