Cisco AnyConnect Secure Mobility Client Arbitrary File Move Vulnerability
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability in interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to move arbitrary files with elevated privileges. The vulnerability is due to missing source path validation in certain IPC commands. An attacker could exploit this vulnerability by sending crafted IPC messages. An exploit could allow the attacker to move arbitrary files with elevated privileges, which could affect the integrity of the system and
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-asmc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20AnyConnect%20Secure%20Mobility%20Client%20Arbitrary%20File%20Move%20V |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-6322. |