CVE-2016-6369
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.
Cisco AnyConnect Secure Mobility Client en versiones anteriores a 4.2.05015 y 4.3.x en versiones anteriores a 4.3.02039 no maneja correctamente los nombres de ruta, lo que permite a usuarios locales obtener privilegios a través de un documento INF manipulado, también conocido como Bug ID CSCuz92464.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-07-26 CVE Reserved
- 2016-08-25 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/92625 | Third Party Advisory | |
| http://www.securitytracker.com/id/1036697 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.0.0343 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.0.0343" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.1.0148 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.1.0148" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.0133 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.0133" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.0136 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.0136" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.2.0140 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.2.0140" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.0185 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.0185" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.0254 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.0254" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.1003 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.1003" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.3.2016 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.3.2016" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.0202 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.0202" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.4.1012 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.4.1012" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.0217 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.0217" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.2006 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.2006" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.2010 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.2010" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.2011 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.2011" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.2014 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.2014" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.2017 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.2017" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.2018 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.2018" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.2019 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.2019" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.3041 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.3041" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.3046 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.3046" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.3051 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.3051" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.3054 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.3054" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5.3055 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5.3055" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 2.5_base Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "2.5_base" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.0629 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.0629" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.1047 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.1047" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.2052 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.2052" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.3050 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.3050" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.3054 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.3054" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.4235 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.4235" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.5075 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.5075" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.5080 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.5080" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.09231 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.09231" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.09266 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.09266" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.0.09353 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.0.09353" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.1\(60\) Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.1\(60\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.1.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.1.02043 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.1.02043" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.1.05182 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.1.05182" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.1.05187 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.1.05187" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.1.06073 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.1.06073" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 3.1.07021 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "3.1.07021" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.0\(48\) Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.0\(48\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.0\(64\) Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.0\(64\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.0\(2049\) Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.0\(2049\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.0.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.0.00048 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.0.00048" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.0.00051 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.0.00051" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.1\(8\) Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.1\(8\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.1.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.1.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.2.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.2.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.2.04039 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.2.04039" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.3.0 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.3.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.3.00748 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.3.00748" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Anyconnect Secure Mobility Client Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" | 4.3.01095 Search vendor "Cisco" for product "Anyconnect Secure Mobility Client" and version "4.3.01095" | - |
Affected
| ||||||