Details of VAR-201510-0032

ID

VAR-201510-0032

CVE

CVE-2015-6322

TITLE

Cisco AnyConnect Secure Mobility Client of IPC Vulnerability that bypasses access restrictions on channels

Trust: 0.8

sources: JVNDB: JVNDB-2015-005191

DESCRIPTION

The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563. A local attacker may exploit this issue to gain elevated system privileges on the device. This issue is being tracked by Cisco Bug ID CSCuv48563. The vulnerability is caused by the fact that the program does not verify the source path in the IPC command

Trust: 1.98

sources: NVD: CVE-2015-6322 // JVNDB: JVNDB-2015-005191 // BID: 77055 // VULHUB: VHN-84283

AFFECTED PRODUCTS

vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.3.2016	Trust: 1.9
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.1012	Trust: 1.9
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2011	Trust: 1.9
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2010	Trust: 1.9
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2006	Trust: 1.9
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5_base	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2.0136	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.0202	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.02043	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.0217	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2019	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.3054	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.3054	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.5075	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.1047	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.4235	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.3046	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.3051	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.3050	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.3041	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2017	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.3.1003	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.2052	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2014	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.3055	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.5080	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2018	Trust: 1.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.09266	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.06073	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.07021	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.0	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.0	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.3.0185	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0\(64\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.3.0254	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.1.0148	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1\(8\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.0629	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2.0140	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0\(2049\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.0.0343	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.0	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2.0133	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.05187	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0\(48\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.00051	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1.0	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.09231	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.00048	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.09353	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.05182	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1\(60\)	Trust: 1.0
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.0.0343 to 4.1(8)	Trust: 0.8
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.5130	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.7021	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.1025	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0(64)	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.217	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.2043	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.629	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2.140	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.3.185	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.5182	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.5004	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2.133	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1(60)	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0(48)	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.5112	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.5116	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.5125	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.2001	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.7059	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1(.02043)	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.0.343	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.9266	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.8057	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.4004	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.4014	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.6073	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.2	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.8066	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.3	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0(2049)	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.9231	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.48	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.5118	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.495	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.6005	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.3.254	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0.9353	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2.128	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client mr8	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.7073	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1(8)	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.2.136	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client mr6	scope:	eq	version:	2.5	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.1	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.5.5131	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.202	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.0.51	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.1.148	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	3.1.5187	Trust: 0.3
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	2.4.7030	Trust: 0.3

sources: BID: 77055 // JVNDB: JVNDB-2015-005191 // CNNVD: CNNVD-201510-148 // NVD: CVE-2015-6322

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-6322
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2015-6322
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201510-148
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-84283
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2015-6322
severity:	MEDIUM
baseScore:	6.6
vectorString:	AV:L/AC:L/AU:N/C:N/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	9.2
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-84283
severity:	MEDIUM
baseScore:	6.6
vectorString:	AV:L/AC:L/AU:N/C:N/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	9.2
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-84283 // JVNDB: JVNDB-2015-005191 // CNNVD: CNNVD-201510-148 // NVD: CVE-2015-6322

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-84283 // JVNDB: JVNDB-2015-005191 // NVD: CVE-2015-6322

THREAT TYPE

local

Trust: 0.9

sources: BID: 77055 // CNNVD: CNNVD-201510-148

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201510-148

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-005191

PATCH

title:

cisco-sa-20151008-asmc

url:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-asmc

Trust: 0.8

sources: JVNDB: JVNDB-2015-005191

EXTERNAL IDS

db:	NVD	id:	CVE-2015-6322	Trust: 2.8
db:	SECTRACK	id:	1033785	Trust: 1.1
db:	JVNDB	id:	JVNDB-2015-005191	Trust: 0.8
db:	CNNVD	id:	CNNVD-201510-148	Trust: 0.7
db:	BID	id:	77055	Trust: 0.4
db:	VULHUB	id:	VHN-84283	Trust: 0.1

sources: VULHUB: VHN-84283 // BID: 77055 // JVNDB: JVNDB-2015-005191 // CNNVD: CNNVD-201510-148 // NVD: CVE-2015-6322

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151008-asmc	Trust: 1.7
url:	http://www.securitytracker.com/id/1033785	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6322	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6322	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151008-asmc	Trust: 0.3

sources: VULHUB: VHN-84283 // BID: 77055 // JVNDB: JVNDB-2015-005191 // CNNVD: CNNVD-201510-148 // NVD: CVE-2015-6322

CREDITS

Cisco

Trust: 0.3

sources: BID: 77055

SOURCES

db:	VULHUB	id:	VHN-84283
db:	BID	id:	77055
db:	JVNDB	id:	JVNDB-2015-005191
db:	CNNVD	id:	CNNVD-201510-148
db:	NVD	id:	CVE-2015-6322

LAST UPDATE DATE

2024-11-23T22:07:58.866000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-84283	date:	2016-12-12T00:00:00
db:	BID	id:	77055	date:	2015-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-005191	date:	2015-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201510-148	date:	2015-10-16T00:00:00
db:	NVD	id:	CVE-2015-6322	date:	2024-11-21T02:34:47.010

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-84283	date:	2015-10-12T00:00:00
db:	BID	id:	77055	date:	2015-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2015-005191	date:	2015-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201510-148	date:	2015-10-13T00:00:00
db:	NVD	id:	CVE-2015-6322	date:	2015-10-12T10:59:10.320