Detections
Analytics
Cisco AnyConnect Secure Mobility Client 3.x < 3.1.10010.0 / 4.x < 4.1.4011.0 Arbitrary File Write
medium Nessus Plugin ID 85541
Language:
Synopsis
The remote host is affected by an arbitrary file write vulnerability.Description
The Cisco AnyConnect Secure Mobility Client installed on the remote host is version 3.x prior to 3.1.10010.0 or 4.x prior to 4.1.4011.0.It is, therefore, affected by a flaw due to improper sanitization of user-supplied input. An unauthenticated, remote attacker can exploit this issue, by convincing a user to connect to a malicious head-end system, to traverse outside a restricted path and thus write or overwrite arbitrary files in the active user's context.
Solution
Upgrade to Cisco AnyConnect Secure Mobility Client version 3.1.10010.0 / 4.1.4011.0 or later.See Also
https://tools.cisco.com/security/center/viewAlert.x?alertId=40175
Plugin Details
Severity: Medium
ID: 85541
File Name: cisco_anyconnect_4_1_4011.nasl
Version: 1.5
Type: local
Agent: windows
Family: Windows
Published: 8/19/2015
Updated: 11/22/2019
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 6.4
Temporal Score: 4.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P
CVSS Score Source: CVE-2015-4289
Vulnerability Information
CPE: cpe:/a:cisco:anyconnect_secure_mobility_client
Required KB Items: SMB/Registry/Enumerated, installed_sw/Cisco AnyConnect Secure Mobility Client
Exploit Ease: No known exploits are available
Patch Publication Date: 7/30/2015
Vulnerability Publication Date: 7/30/2015
Reference Information
CVE: CVE-2015-4289
BID: 76125
CISCO-BUG-ID: CSCut93920