← Back

CVE-2016-6369

nvd nist
Published: Aug 25, 2016Modified: May 6, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464.

Affected (57)

Cisco
1 product
Anyconnect Secure Mobility Client
Configuration A
57 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Anyconnect Secure Mobility Client
Version 2.0.0343
Anyconnect Secure Mobility Client
Version 2.1.0148
Anyconnect Secure Mobility Client
Version 2.2.0133
Anyconnect Secure Mobility Client
Version 2.2.0136
Anyconnect Secure Mobility Client
Version 2.2.0140
Anyconnect Secure Mobility Client
Version 2.3.0185
Anyconnect Secure Mobility Client
Version 2.3.0254
Anyconnect Secure Mobility Client
Version 2.3.1003
Anyconnect Secure Mobility Client
Version 2.3.2016
Anyconnect Secure Mobility Client
Version 2.4.0202
Anyconnect Secure Mobility Client
Version 2.4.1012
Anyconnect Secure Mobility Client
Version 2.5.0217
Anyconnect Secure Mobility Client
Version 2.5.2006
Anyconnect Secure Mobility Client
Version 2.5.2010
Anyconnect Secure Mobility Client
Version 2.5.2011
Anyconnect Secure Mobility Client
Version 2.5.2014
Anyconnect Secure Mobility Client
Version 2.5.2017
Anyconnect Secure Mobility Client
Version 2.5.2018
Anyconnect Secure Mobility Client
Version 2.5.2019
Anyconnect Secure Mobility Client
Version 2.5.3041
Anyconnect Secure Mobility Client
Version 2.5.3046
Anyconnect Secure Mobility Client
Version 2.5.3051
Anyconnect Secure Mobility Client
Version 2.5.3054
Anyconnect Secure Mobility Client
Version 2.5.3055
Anyconnect Secure Mobility Client
Version 2.5_base
Anyconnect Secure Mobility Client
Version 3.0.0629
Anyconnect Secure Mobility Client
Version 3.0.09231
Anyconnect Secure Mobility Client
Version 3.0.09266
Anyconnect Secure Mobility Client
Version 3.0.09353
Anyconnect Secure Mobility Client
Version 3.0.0
Anyconnect Secure Mobility Client
Version 3.0.1047
Anyconnect Secure Mobility Client
Version 3.0.2052
Anyconnect Secure Mobility Client
Version 3.0.3050
Anyconnect Secure Mobility Client
Version 3.0.3054
Anyconnect Secure Mobility Client
Version 3.0.4235
Anyconnect Secure Mobility Client
Version 3.0.5075
Anyconnect Secure Mobility Client
Version 3.0.5080
Anyconnect Secure Mobility Client
Version 3.1.02043
Anyconnect Secure Mobility Client
Version 3.1.05182
Anyconnect Secure Mobility Client
Version 3.1.05187
Anyconnect Secure Mobility Client
Version 3.1.06073
Anyconnect Secure Mobility Client
Version 3.1.07021
Anyconnect Secure Mobility Client
Version 3.1.0
Anyconnect Secure Mobility Client
Version 3.1(60)
Anyconnect Secure Mobility Client
Version 4.0.00048
Anyconnect Secure Mobility Client
Version 4.0.00051
Anyconnect Secure Mobility Client
Version 4.0.0
Anyconnect Secure Mobility Client
Version 4.0(2049)
Anyconnect Secure Mobility Client
Version 4.0(48)
Anyconnect Secure Mobility Client
Version 4.0(64)
Anyconnect Secure Mobility Client
Version 4.1.0
Anyconnect Secure Mobility Client
Version 4.1(8)
Anyconnect Secure Mobility Client
Version 4.2.04039
Anyconnect Secure Mobility Client
Version 4.2.0
Anyconnect Secure Mobility Client
Version 4.3.00748
Anyconnect Secure Mobility Client
Version 4.3.01095
Anyconnect Secure Mobility Client
Version 4.3.0

Related CWEs

CWE-264
CWE-264

References (6)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.