CVE-2009-5008

Published: Oct 14, 2010Modified: Apr 29, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file.

Affected (1)

Products: Cisco: Secure Desktop

Cisco

1 product

Secure Desktop

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Secure Desktop	All versions

Related CWEs

CWE-264

References (2)

http://www.infradead.org/openconnect.html

Source: cve@mitre.org

http://www.infradead.org/openconnect.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.