Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability
|
System information
|
|
|
Affected software |
Cisco |
Description
|
A vulnerability in a Cisco-signed Java Archive (JAR)executable Cache Cleaner component of Cisco Secure Desktop could allow anunauthenticated, remote attacker to execute arbitrary commands on theclient host where the affected .jar file is executed. Command execution wouldoccur with the privileges of the user.The Cache Cleaner feature has been deprecated since November 2012. There is no fixed software for this vulnerability. Cisco Secure Desktop packages that include the affected .jar files have
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Secure%20Desktop%20Cache%20Cleaner%20Command%20Execution%20Vulnerabili |
Standar resources
|
Property |
Value |
CVE |
CVE-2015-0691. |