CVE-2015-0761

Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not properly implement unspecified internal functions, which allows local users to obtain root privileges via crafted vpnagent options, aka Bug ID CSCus86790.

Published: Jun 4, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0761
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
cisco / anyconnect_secure_mobility_client	-	3.1\(.07021\).x
cisco / anyconnect_secure_mobility_client	4.0(.00048)	4.0(.00048).x
cisco / anyconnect_secure_mobility_client	4.0(.00051)	4.0(.00051).x

http://tools.cisco.com/security/center/viewAlert.x?alertId=39158
http://www.securityfocus.com/bid/74954
http://www.securitytracker.com/id/1032472

Vulnerability Database

289,784

CVE-2015-0761