CVE-2011-2040 in AnyConnect Secure Mobility Clientinformazioni

Riassunto

di MITRE

The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a Java applet, aka Bug ID CSCsy05934.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

10/05/2011

Divulgazione

02/06/2011

Moderazione

accettato

Voce

VDB-57565

CPE

pronto

CWE

CWE-20 (confermato)

Sfruttamento

Scaricare

CVSS

9.3 (NVD)

EPSS

0.10684

KEV

Attività

molto basso

Settore

Pharma, Energy, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2040
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2040
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2040/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!