CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-0229
https://notcve.org/view.php?id=CVE-2018-0229
A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. The authentication would need to be done by an unsuspecting third party, aka Session Fixation. The vulnerability exists because there is no mechanism for the ASA or FTD Software to detect that the authentication request originates from the AnyConnect client directly. An attacker could exploit this vulnerability by persuading a user to click a crafted link and authenticating using the company's Identity Provider (IdP). A successful exploit could allow the attacker to hijack a valid authentication token and use that to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. • http://www.securityfocus.com/bid/103939 http://www.securitytracker.com/id/1040711 http://www.securitytracker.com/id/1040712 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect • CWE-384: Session Fixation •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0100
https://notcve.org/view.php?id=CVE-2018-0100
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and write access to information stored in the affected system. The vulnerability is due to improper handling of the XML External Entity (XXE) entries when parsing an XML file. An attacker could exploit this vulnerability by injecting a crafted XML file with malicious entries, which could allow the attacker to read and write files. Cisco Bug IDs: CSCvg19341. Una vulnerabilidad en Profile Editor en Cisco AnyConnect Secure Mobility Client podría podría permitir que un atacante local no autenticado tenga acceso de lectura y escritura a la información almacenada en el sistema afectado. • http://www.securityfocus.com/bid/102738 http://www.securitytracker.com/id/1040246 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-acpe • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12268
https://notcve.org/view.php?id=CVE-2017-12268
A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539. • http://www.securityfocus.com/bid/101157 http://www.securitytracker.com/id/1039507 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6788
https://notcve.org/view.php?id=CVE-2017-6788
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software. The vulnerability is due to insufficient input validation of some parameters that are passed to the WebLaunch function of the affected software. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request. Cisco Bug IDs: CSCvf12055. Known Affected Releases: 98.89(40). • http://www.securityfocus.com/bid/100364 http://www.securitytracker.com/id/1039190 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-caw • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6638
https://notcve.org/view.php?id=CVE-2017-6638
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account. The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. The attacker would need valid user credentials to exploit this vulnerability. • http://www.securityfocus.com/bid/98938 http://www.securitytracker.com/id/1038627 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-anyconnect • CWE-20: Improper Input Validation CWE-264: Permissions, Privileges, and Access Controls •