CVE-2013-1172

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.

Weaknesses (CWE)

CWE-20

Affected Products (61)

cisco · anyconnect_secure_mobility_clientvulnerable

cisco · anyconnect_secure_mobility_client

References (2)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1172

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1172

Vendor Advisory