FKIE_CVE-2015-6322

Vulnerability from fkie_nvd - Published: 2015-10-12 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-asmcVendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1033785Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-asmcVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033785Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco anyconnect_secure_mobility_client 2.0.0343
cisco anyconnect_secure_mobility_client 2.1.0148
cisco anyconnect_secure_mobility_client 2.2.0133
cisco anyconnect_secure_mobility_client 2.2.0136
cisco anyconnect_secure_mobility_client 2.2.0140
cisco anyconnect_secure_mobility_client 2.3.0185
cisco anyconnect_secure_mobility_client 2.3.0254
cisco anyconnect_secure_mobility_client 2.3.1003
cisco anyconnect_secure_mobility_client 2.3.2016
cisco anyconnect_secure_mobility_client 2.4.0202
cisco anyconnect_secure_mobility_client 2.4.1012
cisco anyconnect_secure_mobility_client 2.5.0217
cisco anyconnect_secure_mobility_client 2.5.2006
cisco anyconnect_secure_mobility_client 2.5.2010
cisco anyconnect_secure_mobility_client 2.5.2011
cisco anyconnect_secure_mobility_client 2.5.2014
cisco anyconnect_secure_mobility_client 2.5.2017
cisco anyconnect_secure_mobility_client 2.5.2018
cisco anyconnect_secure_mobility_client 2.5.2019
cisco anyconnect_secure_mobility_client 2.5.3041
cisco anyconnect_secure_mobility_client 2.5.3046
cisco anyconnect_secure_mobility_client 2.5.3051
cisco anyconnect_secure_mobility_client 2.5.3054
cisco anyconnect_secure_mobility_client 2.5.3055
cisco anyconnect_secure_mobility_client 2.5_base
cisco anyconnect_secure_mobility_client 3.0.0
cisco anyconnect_secure_mobility_client 3.0.0629
cisco anyconnect_secure_mobility_client 3.0.1047
cisco anyconnect_secure_mobility_client 3.0.2052
cisco anyconnect_secure_mobility_client 3.0.3050
cisco anyconnect_secure_mobility_client 3.0.3054
cisco anyconnect_secure_mobility_client 3.0.4235
cisco anyconnect_secure_mobility_client 3.0.5075
cisco anyconnect_secure_mobility_client 3.0.5080
cisco anyconnect_secure_mobility_client 3.0.09231
cisco anyconnect_secure_mobility_client 3.0.09266
cisco anyconnect_secure_mobility_client 3.0.09353
cisco anyconnect_secure_mobility_client 3.1\(60\)
cisco anyconnect_secure_mobility_client 3.1.0
cisco anyconnect_secure_mobility_client 3.1.02043
cisco anyconnect_secure_mobility_client 3.1.05182
cisco anyconnect_secure_mobility_client 3.1.05187
cisco anyconnect_secure_mobility_client 3.1.06073
cisco anyconnect_secure_mobility_client 3.1.07021
cisco anyconnect_secure_mobility_client 4.0\(48\)
cisco anyconnect_secure_mobility_client 4.0\(64\)
cisco anyconnect_secure_mobility_client 4.0\(2049\)
cisco anyconnect_secure_mobility_client 4.0.0
cisco anyconnect_secure_mobility_client 4.0.00048
cisco anyconnect_secure_mobility_client 4.0.00051
cisco anyconnect_secure_mobility_client 4.1\(8\)
cisco anyconnect_secure_mobility_client 4.1.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0.0343:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D45BF12-1E35-458F-8C97-F6373E92A7AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1.0148:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B7C20AB-F1CC-4299-8A69-15574C1D91D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0133:*:*:*:*:*:*:*",
              "matchCriteriaId": "99BC4BE0-79DD-404D-96E1-CA174AA4AB0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0136:*:*:*:*:*:*:*",
              "matchCriteriaId": "29EF218A-470F-4201-B4C7-521C3D5EAB8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0140:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F453CD0-871D-4273-A644-9795256CA157",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0185:*:*:*:*:*:*:*",
              "matchCriteriaId": "102BBE5A-17C2-456F-B62F-1D783D07D7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0254:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B63EBD-8608-4E77-8CF1-4278626E6E34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.1003:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD571428-F54C-493E-991D-D5D83D3BFCE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*",
              "matchCriteriaId": "184A5DAA-9BDB-4C2D-80DC-E2E21356676A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B1E5D16-BD4E-417C-851B-AEC74D1F84FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9822AE-2ACE-424A-BB03-4457923E812E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.0217:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EF2B696-85BA-492E-AB95-A1A7427429CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "C41B8BA4-3242-464D-A9E0-15018C8CB495",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2010:*:*:*:*:*:*:*",
              "matchCriteriaId": "D713E198-7C64-4D7C-9DE9-C84FBE26B571",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2011:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE3B606D-1E0E-4276-BFD4-31D6BD96FE1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2014:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A37930-E737-46E9-BD83-99D72C31A551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2017:*:*:*:*:*:*:*",
              "matchCriteriaId": "93A65C87-E948-4BFF-AFE5-3180701AFDA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2018:*:*:*:*:*:*:*",
              "matchCriteriaId": "39FDA0C8-8315-4899-B0C5-DE234784E50D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C3D6B5A-A836-490E-B295-DE9832EC2DA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3041:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D7D1894-0E58-43BA-9A40-82E3D8648FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3046:*:*:*:*:*:*:*",
              "matchCriteriaId": "111D94E9-AC3C-41E8-8F47-F5A72B27DE9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3051:*:*:*:*:*:*:*",
              "matchCriteriaId": "E78742CF-1043-41BC-9789-8A8FA9460FF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3054:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA3903F0-39C8-43B4-A117-812583EEE94F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3055:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED47F1A-7A16-484C-A71C-E5FC739A3AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5_base:*:*:*:*:*:*:*",
              "matchCriteriaId": "B89902B9-047C-4619-9B6B-408D5D0592BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "87AB68C1-8884-4342-9E93-C5A2F57FAB4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0629:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BA1D619-5FC6-4F45-B35A-1C029729146A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.1047:*:*:*:*:*:*:*",
              "matchCriteriaId": "4279AC14-F659-4592-976E-E81B528EF6AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.2052:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0D59FA-777E-4017-972E-54B4E9A39A1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3050:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA8AE9E-221C-4117-B9B6-842AC529B313",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3054:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9DC7395-6976-4FB2-904E-0E7EA5EFF44B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.4235:*:*:*:*:*:*:*",
              "matchCriteriaId": "55BB9930-B838-4326-AC8B-9FF9690BF570",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5075:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC719878-4AC0-4EDF-BA63-3355078DE646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5080:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D05F500-75AB-41DA-8492-5AFD7D0BA475",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09231:*:*:*:*:*:*:*",
              "matchCriteriaId": "989DB0BF-C00D-4C7B-83A2-CE726EEC397C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09266:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD6CA5AF-4F93-49A3-AEC6-8AC2D0951538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09353:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C359D1F-2ED9-4A59-9D2D-C6106607EB61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1\\(60\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6B415C06-7A2B-4CDC-B7DD-12FF22DB466F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CFE1E12-CAEE-4CB5-8969-D6F92451F69B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.02043:*:*:*:*:*:*:*",
              "matchCriteriaId": "871452CA-054B-411F-AC5F-78C7F666D813",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05182:*:*:*:*:*:*:*",
              "matchCriteriaId": "E12D9394-B33E-4292-9FF1-E405AF1781B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05187:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D06E2E-6CBC-40D4-9409-030822552A45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.06073:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB28D6B8-C1AC-49E6-9753-7E4703CB73A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.07021:*:*:*:*:*:*:*",
              "matchCriteriaId": "217290C9-A508-4253-B807-E5E605A2D990",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(48\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0BFC839F-D9E1-4B41-B316-8FF44FDAFC78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(64\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC1592B-04DE-4FBB-88EF-7AFADEE75624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(2049\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "28E79966-4EE3-4987-AB0C-FEC2DD713012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3782E3EC-B35A-443E-B9CF-5EA8B2D0F732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00048:*:*:*:*:*:*:*",
              "matchCriteriaId": "0608CACF-28C5-4A23-81FE-7FEB655FC84B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00051:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B9DB6D-0ABC-4938-A36E-2F68AB94635C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B8B34FCE-31B0-47F1-80D9-4AF8E8584EF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACBB4489-1C7C-4435-AF21-ADBA57F49C19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563."
    },
    {
      "lang": "es",
      "value": "El canal IPC en Cisco AnyConnect Secure Mobility Client 2.0.0343 hasta la versi\u00f3n 4.1(8) permite a usuarios locales eludir restricciones destinadas al acceso y mover archivos arbitrarios aprovechando la falta de validaci\u00f3n en la ruta de origen, tambi\u00e9n conocido como Bug ID CSCuv48563."
    }
  ],
  "id": "CVE-2015-6322",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 9.2,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-10-12T10:59:10.320",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-asmc"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-asmc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1033785"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.