Vulnslist

find the latest Cisco vulnerabilities

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability

Cisco-SA-20120620-CVE-2012-2496 · Medium · Published · Updated

Cisco AnyConnect Secure Mobility Client contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability is due to insufficient validation of user-supplied input that is received by the 64-bit Java applet that performs the WebLaunch VPN downloader functionality in the affected software. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious website. If successful, the attacker could have the ability to execute arbitrary code with the privileges of the user on the affected system.  Cisco has confirmed this vulnerability in a security advisory and software updates are available. To exploit the vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link. This alert contains CVSS scoring supplied by Cisco, the primary vendor of the affected product.  Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Cisco advisory ·CSAF JSON

Workarounds

Administrators are advised to apply the appropriate updates.

Users are advised not to open e-mail messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in e-mail messages are safe, they are advised not to open them.

Administrators are advised to monitor affected systems.

The Cisco Applied Intelligence team has created the following companion document to guide administrators in identifying and mitigating attempts to exploit this vulnerability prior to applying updated software: cisco-amb-20120620-ac
http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20120620-ac

CVEsCVE-2012-2496
Cisco Bug IDsCSCty45925
CVSS ScoreBase 6.8
Base 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C
Base 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco AnyConnect Secure Mobility Client, Cisco Secure Client

Related Products

Product CVE Evidence
Cisco Secure Client CVE-2012-2496 Cisco OpenVuln
Cisco AnyConnect Secure Mobility Client CVE-2012-2496 Cisco OpenVuln