Details of VAR-202101-1011

ID

VAR-202101-1011

CVE

CVE-2021-1237

TITLE

Windows for Cisco AnyConnect Secure Mobility Client Vulnerability in Uncontrolled Search Path Elements

Trust: 0.8

sources: JVNDB: JVNDB-2021-002551

DESCRIPTION

A vulnerability in the Network Access Manager and Web Security Agent components of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL injection attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path in the system which, in turn, causes a malicious DLL file to be loaded when the application starts. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges

Trust: 1.71

sources: NVD: CVE-2021-1237 // JVNDB: JVNDB-2021-002551 // VULHUB: VHN-374291

AFFECTED PRODUCTS

vendor:	cisco	model:	anyconnect secure mobility client	scope:	lt	version:	4.9.04043	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco anyconnect secure mobility client	scope:	eq	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco anyconnect secure mobility client	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-002551 // NVD: CVE-2021-1237

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-1237
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2021-1237
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-1237
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202101-966
value:	HIGH
Trust: 0.6
VULHUB:	VHN-374291
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-1237
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-374291
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-1237
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2021-1237
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-374291 // JVNDB: JVNDB-2021-002551 // CNNVD: CNNVD-202101-966 // NVD: CVE-2021-1237 // NVD: CVE-2021-1237

PROBLEMTYPE DATA

problemtype:	CWE-427	Trust: 1.1
problemtype:	Uncontrolled search path elements (CWE-427) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-374291 // JVNDB: JVNDB-2021-002551 // NVD: CVE-2021-1237

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202101-966

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202101-966

PATCH

title:	cisco-sa-anyconnect-dll-injec-pQnryXLf	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-injec-pQnryXLf	Trust: 0.8
title:	Cisco AnyConnect Secure Mobility Client for Windows Fixes for code issue vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139424	Trust: 0.6

sources: JVNDB: JVNDB-2021-002551 // CNNVD: CNNVD-202101-966

EXTERNAL IDS

db:	NVD	id:	CVE-2021-1237	Trust: 2.5
db:	JVNDB	id:	JVNDB-2021-002551	Trust: 0.8
db:	AUSCERT	id:	ESB-2021.0133	Trust: 0.6
db:	CNNVD	id:	CNNVD-202101-966	Trust: 0.6
db:	VULHUB	id:	VHN-374291	Trust: 0.1

sources: VULHUB: VHN-374291 // JVNDB: JVNDB-2021-002551 // CNNVD: CNNVD-202101-966 // NVD: CVE-2021-1237

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-anyconnect-dll-injec-pqnryxlf	Trust: 2.3
url:	https://nvd.nist.gov/vuln/detail/cve-2021-1237	Trust: 1.4
url:	https://www.auscert.org.au/bulletins/esb-2021.0133/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/cisco-anyconnect-secure-mobility-client-executing-dll-code-via-network-access-manager-and-web-security-agent-34311	Trust: 0.6

sources: VULHUB: VHN-374291 // JVNDB: JVNDB-2021-002551 // CNNVD: CNNVD-202101-966 // NVD: CVE-2021-1237

SOURCES

db:	VULHUB	id:	VHN-374291
db:	JVNDB	id:	JVNDB-2021-002551
db:	CNNVD	id:	CNNVD-202101-966
db:	NVD	id:	CVE-2021-1237

LAST UPDATE DATE

2024-11-23T22:37:10.063000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-374291	date:	2021-01-19T00:00:00
db:	JVNDB	id:	JVNDB-2021-002551	date:	2021-09-22T08:52:00
db:	CNNVD	id:	CNNVD-202101-966	date:	2021-01-21T00:00:00
db:	NVD	id:	CVE-2021-1237	date:	2024-11-21T05:43:53.910

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-374291	date:	2021-01-13T00:00:00
db:	JVNDB	id:	JVNDB-2021-002551	date:	2021-09-22T00:00:00
db:	CNNVD	id:	CNNVD-202101-966	date:	2021-01-13T00:00:00
db:	NVD	id:	CVE-2021-1237	date:	2021-01-13T22:15:20.677