cvelistv5 - cve-2012-2494

cve-2012-2494

Vulnerability from cvelistv5

Published

2012-06-20 20:00

Modified

2024-09-16 16:33

Severity ?

Summary

References

▼	URL	Tags
	ykramarz@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac	Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:34:25.843Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20120620 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2012-06-20T20:00:00Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20120620 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2012-2494",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20120620 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2012-2494",
    "datePublished": "2012-06-20T20:00:00Z",
    "dateReserved": "2012-05-07T00:00:00Z",
    "dateUpdated": "2024-09-16T16:33:58.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B522088-2084-491B-98F0-3E3CCD88131F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA179B71-AC81-4587-8FB1-0466B2550975\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"210B66BB-4E2C-4D9E-BFBB-69916A42287C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B77EB2C9-BACE-46EA-AA72-FF1C7EB1A5F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06527370-E73A-40FF-8E02-E0337536C7C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A617295C-F518-4BC7-8442-E476448D8F01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E71A1D6B-8E87-4E3A-A1AE-DE44C2C348F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8AD6158-17AB-443D-8EC1-5FDE5852CAEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BBF395D-9E90-44C1-8E99-3631FFF24487\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E874C1CB-5F13-45DE-98EF-48C9DCC0DA80\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"184A5DAA-9BDB-4C2D-80DC-E2E21356676A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB04F55C-D373-42FF-8CEE-88762BA1BD62\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B1E5D16-BD4E-417C-851B-AEC74D1F84FC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B9822AE-2ACE-424A-BB03-4457923E812E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D85B4988-85C9-4E28-B526-862B6EB8A436\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F1A7236-46E3-487A-998B-4D72A5EEA004\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681.\"}, {\"lang\": \"es\", \"value\": \"La implementaci\\u00f3n de descargas en VPN en la funcionalidad WebLaunch de Cisco AnyConnect Secure Mobility Client v2.x antes v2.5 MR6 y v3.x antes de v3.0 MR8 no compara la fecha y hora del software que se ofrece con la marca de tiempo del software instalado, lo que permite forzar a una reducci\\u00f3n de versi\\u00f3n  a atacantes remotos mediante el uso de componentes (1) ActiveX o (2) Java para ofrecer c\\u00f3digo firmado que corresponde a una versi\\u00f3n anterior de software. Se trata de un problema tambi\\u00e9n conocido como Bug ID CSCtw48681.\"}]",
      "id": "CVE-2012-2494",
      "lastModified": "2024-11-21T01:39:09.047",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2012-06-20T20:55:02.543",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-2494\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2012-06-20T20:55:02.543\",\"lastModified\":\"2024-11-21T01:39:09.047\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n de descargas en VPN en la funcionalidad WebLaunch de Cisco AnyConnect Secure Mobility Client v2.x antes v2.5 MR6 y v3.x antes de v3.0 MR8 no compara la fecha y hora del software que se ofrece con la marca de tiempo del software instalado, lo que permite forzar a una reducci\u00f3n de versi\u00f3n  a atacantes remotos mediante el uso de componentes (1) ActiveX o (2) Java para ofrecer c\u00f3digo firmado que corresponde a una versi\u00f3n anterior de software. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCtw48681.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B522088-2084-491B-98F0-3E3CCD88131F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA179B71-AC81-4587-8FB1-0466B2550975\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"210B66BB-4E2C-4D9E-BFBB-69916A42287C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77EB2C9-BACE-46EA-AA72-FF1C7EB1A5F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06527370-E73A-40FF-8E02-E0337536C7C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A617295C-F518-4BC7-8442-E476448D8F01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E71A1D6B-8E87-4E3A-A1AE-DE44C2C348F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8AD6158-17AB-443D-8EC1-5FDE5852CAEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BBF395D-9E90-44C1-8E99-3631FFF24487\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E874C1CB-5F13-45DE-98EF-48C9DCC0DA80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"184A5DAA-9BDB-4C2D-80DC-E2E21356676A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB04F55C-D373-42FF-8CEE-88762BA1BD62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1E5D16-BD4E-417C-851B-AEC74D1F84FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B9822AE-2ACE-424A-BB03-4457923E812E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D85B4988-85C9-4E28-B526-862B6EB8A436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F1A7236-46E3-487A-998B-4D72A5EEA004\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

fkie_cve-2012-2494

Vulnerability from fkie_nvd

Published

2012-06-20 20:55

Modified

2024-11-21 01:39

Severity ?

Summary

References

▼	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	anyconnect_secure_mobility_client	2.0
cisco	anyconnect_secure_mobility_client	2.1
cisco	anyconnect_secure_mobility_client	2.2
cisco	anyconnect_secure_mobility_client	2.2.128
cisco	anyconnect_secure_mobility_client	2.2.133
cisco	anyconnect_secure_mobility_client	2.2.136
cisco	anyconnect_secure_mobility_client	2.2.140
cisco	anyconnect_secure_mobility_client	2.3
cisco	anyconnect_secure_mobility_client	2.3.185
cisco	anyconnect_secure_mobility_client	2.3.254
cisco	anyconnect_secure_mobility_client	2.3.2016
cisco	anyconnect_secure_mobility_client	2.4
cisco	anyconnect_secure_mobility_client	2.4.0202
cisco	anyconnect_secure_mobility_client	2.4.1012
cisco	anyconnect_secure_mobility_client	2.5
cisco	anyconnect_secure_mobility_client	3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B522088-2084-491B-98F0-3E3CCD88131F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA179B71-AC81-4587-8FB1-0466B2550975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "210B66BB-4E2C-4D9E-BFBB-69916A42287C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77EB2C9-BACE-46EA-AA72-FF1C7EB1A5F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*",
              "matchCriteriaId": "06527370-E73A-40FF-8E02-E0337536C7C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*",
              "matchCriteriaId": "A617295C-F518-4BC7-8442-E476448D8F01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*",
              "matchCriteriaId": "E71A1D6B-8E87-4E3A-A1AE-DE44C2C348F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AD6158-17AB-443D-8EC1-5FDE5852CAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BBF395D-9E90-44C1-8E99-3631FFF24487",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:*",
              "matchCriteriaId": "E874C1CB-5F13-45DE-98EF-48C9DCC0DA80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*",
              "matchCriteriaId": "184A5DAA-9BDB-4C2D-80DC-E2E21356676A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB04F55C-D373-42FF-8CEE-88762BA1BD62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B1E5D16-BD4E-417C-851B-AEC74D1F84FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9822AE-2ACE-424A-BB03-4457923E812E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D85B4988-85C9-4E28-B526-862B6EB8A436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1A7236-46E3-487A-998B-4D72A5EEA004",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n de descargas en VPN en la funcionalidad WebLaunch de Cisco AnyConnect Secure Mobility Client v2.x antes v2.5 MR6 y v3.x antes de v3.0 MR8 no compara la fecha y hora del software que se ofrece con la marca de tiempo del software instalado, lo que permite forzar a una reducci\u00f3n de versi\u00f3n  a atacantes remotos mediante el uso de componentes (1) ActiveX o (2) Java para ofrecer c\u00f3digo firmado que corresponde a una versi\u00f3n anterior de software. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCtw48681."
    }
  ],
  "id": "CVE-2012-2494",
  "lastModified": "2024-11-21T01:39:09.047",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-06-20T20:55:02.543",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco AnyConnect VPN Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists because the VPN AnyConnect helper program does not check the version number of the vpndownloader.exe program it downloads. As such it is possible to forcefully install an older version of the vpndownloader.exe that is vulnerable to previously patched issues. This older version of the client software may contain vulnerabilities which can be exploited by the attacker to perform further attacks. These issues are tracked by Cisco Bug IDs CSCtw48681 and CSCtx74235. Cisco AnyConnect Secure Mobility is a secure enterprise mobility solution. Also known as Bug ID CSCtw48681.

-- Vendor Response: Cisco has issued an update to correct this vulnerability. More details can be found at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco- sa-20120620-ac
-- Disclosure Timeline: 2011-11-22 - Vulnerability reported to vendor 2012-08-22 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by:
gwslabs.com
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.

Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:

http://www.zerodayinitiative.com

The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.

Our vulnerability disclosure policy is available online at:

http://www.zerodayinitiative.com/advisories/disclosure_policy/

Follow the ZDI on Twitter:

http://twitter.com/thezdi

-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8

wsBVAwUBUDT/PFVtgMGTo1scAQLLzgf9HBKVYWR/BvvgxJa3/JvOrqcitJ3YJbtB w1mms3xSCBArm9xVo3FyeM4is6+94bG5v6gSD2Q774+1JP8eLsPSJgCGygL8qrxI jKKd2vpaIVEska4Q1yGBOaGh/Gbh6zoGOErL1KjbHD2nEG9olu8aKkMw+4JEPewe ZtL6XOAPZlPvpR9pG9nAxB4BqyhY10Hc+s35ovQIMQQO9S3GUR18GrVy+bXsQKpe nm6ovRLqHaSwq0hCHbHmhKwiCepqV+1KFy9aZSbCXU4VpiaO1N1llDB1L+o3g9bQ q9vBUrbuw4rJqb5hSdQSi+ZJylSVmuHTLo8tOHwXmJlK1lrs3lUiww== =8yO6 -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0086",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "2.5"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "2.3.254"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "2.3.185"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "2.3"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2.140"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.4.0202"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.3.2016"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.4"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.4.1012"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.2.133"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.2.136"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.2.128"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.2"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.x"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.5 mr6"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.0 mr8"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.x"
      },
      {
        "model": "anyconnect vpn client",
        "scope": null,
        "trust": 0.7,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.5.1077"
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.5.841"
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.4.2048"
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1.1"
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1.1.45"
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1.1.33"
      },
      {
        "model": "secure desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.0.629"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.5.3046"
      },
      {
        "model": "anyconnect secure mobility client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.5.3041"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "db": "BID",
        "id": "54108"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "gwslabs.com",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2012-2494",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2012-2494",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2012-2494",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-55775",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-2494",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "ZDI",
            "id": "CVE-2012-2494",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201206-374",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-55775",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco AnyConnect VPN Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists because the VPN AnyConnect helper program does not check the version number of the vpndownloader.exe program it downloads. As such it is possible to forcefully install an older version of the vpndownloader.exe that is vulnerable to previously patched issues.  This older version of the client software may contain vulnerabilities  which can be exploited by the attacker to perform further attacks. \nThese issues are tracked by Cisco Bug IDs CSCtw48681 and CSCtx74235. Cisco AnyConnect Secure Mobility is a secure enterprise mobility solution. Also known as Bug ID CSCtw48681. \n\n- -- Vendor Response:\nCisco has issued an update to correct this vulnerability. More details can\nbe found at:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-\nsa-20120620-ac\n\n- -- Disclosure Timeline:\n2011-11-22 - Vulnerability reported to vendor\n2012-08-22 - Coordinated public release of advisory\n\n- -- Credit:\nThis vulnerability was discovered by:\n* gwslabs.com\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n    http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n    http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n    http://twitter.com/thezdi\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 10.2.0 (Build 1950)\nCharset: utf-8\n\nwsBVAwUBUDT/PFVtgMGTo1scAQLLzgf9HBKVYWR/BvvgxJa3/JvOrqcitJ3YJbtB\nw1mms3xSCBArm9xVo3FyeM4is6+94bG5v6gSD2Q774+1JP8eLsPSJgCGygL8qrxI\njKKd2vpaIVEska4Q1yGBOaGh/Gbh6zoGOErL1KjbHD2nEG9olu8aKkMw+4JEPewe\nZtL6XOAPZlPvpR9pG9nAxB4BqyhY10Hc+s35ovQIMQQO9S3GUR18GrVy+bXsQKpe\nnm6ovRLqHaSwq0hCHbHmhKwiCepqV+1KFy9aZSbCXU4VpiaO1N1llDB1L+o3g9bQ\nq9vBUrbuw4rJqb5hSdQSi+ZJylSVmuHTLo8tOHwXmJlK1lrs3lUiww==\n=8yO6\n-----END PGP SIGNATURE-----\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "db": "BID",
        "id": "54108"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "db": "PACKETSTORM",
        "id": "115785"
      }
    ],
    "trust": 2.7
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-55775",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-2494",
        "trust": 3.6
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-149",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-1412",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20120620 MULTIPLE VULNERABILITIES IN CISCO ANYCONNECT SECURE MOBILITY CLIENT",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "19866",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "54108",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "115785",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-55775",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "db": "BID",
        "id": "54108"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "db": "PACKETSTORM",
        "id": "115785"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ]
  },
  "id": "VAR-201206-0086",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      }
    ],
    "trust": 0.8222222
  },
  "last_update_date": "2023-12-18T12:22:01.577000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20120620-ac",
        "trust": 1.5,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120620-ac"
      },
      {
        "title": "26197",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26197"
      },
      {
        "title": "Update Rollup for ActiveX Kill Bits (2736233)",
        "trust": 0.8,
        "url": "http://technet.microsoft.com/en-us/security/advisory/2736233"
      },
      {
        "title": "Java SE Development Kit 7, Update 9 (JDK 7u9)",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/java/javase/7u9-relnotes-1863279.html"
      },
      {
        "title": "Java SE Development Kit 6, Update 37 (JDK 6u37)",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/java/javase/6u37-relnotes-1863283.html"
      },
      {
        "title": "cisco-sa-20120620-ac",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/111/1115/1115492_cisco-sa-20120620-ac-j.html"
      },
      {
        "title": "ActiveX \u306e Kill Bit \u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u30ed\u30fc\u30eb\u30a2\u30c3\u30d7 (2736233)",
        "trust": 0.8,
        "url": "http://technet.microsoft.com/ja-jp/security/advisory/2736233"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120620-ac"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2494"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2494"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19866"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://technet.microsoft.com/en-us/security/advisory/2736233"
      },
      {
        "trust": 0.3,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-12-149/"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
      },
      {
        "trust": 0.1,
        "url": "http://twitter.com/thezdi"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-12-149"
      },
      {
        "trust": 0.1,
        "url": "http://www.zerodayinitiative.com"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-2494"
      },
      {
        "trust": 0.1,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "db": "BID",
        "id": "54108"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "db": "PACKETSTORM",
        "id": "115785"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "db": "BID",
        "id": "54108"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "db": "PACKETSTORM",
        "id": "115785"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-08-22T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "date": "2012-06-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "date": "2012-06-20T00:00:00",
        "db": "BID",
        "id": "54108"
      },
      {
        "date": "2012-06-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "date": "2012-08-23T01:56:37",
        "db": "PACKETSTORM",
        "id": "115785"
      },
      {
        "date": "2012-06-20T20:55:02.543000",
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "date": "2012-06-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-08-22T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-149"
      },
      {
        "date": "2012-06-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-55775"
      },
      {
        "date": "2015-03-19T08:41:00",
        "db": "BID",
        "id": "54108"
      },
      {
        "date": "2012-12-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      },
      {
        "date": "2012-06-21T04:00:00",
        "db": "NVD",
        "id": "CVE-2012-2494"
      },
      {
        "date": "2012-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "115785"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco AnyConnect Secure Mobility Client Vulnerabilities forced to downgrade versions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-002811"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-374"
      }
    ],
    "trust": 0.6
  }
}

gsd-2012-2494

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2012-2494

Aliases

CVE-2012-2494

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-2494",
    "description": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681.",
    "id": "GSD-2012-2494"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-2494"
      ],
      "details": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681.",
      "id": "GSD-2012-2494",
      "modified": "2023-12-13T01:20:15.949232Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2012-2494",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20120620 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2012-2494"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20120620 Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2012-06-21T04:00Z",
      "publishedDate": "2012-06-20T20:55Z"
    }
  }
}

ghsa-52cj-532j-rfcv

Vulnerability from github

Published

2022-05-17 05:28

Modified

2022-05-17 05:28

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-2494"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-06-20T20:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681.",
  "id": "GHSA-52cj-532j-rfcv",
  "modified": "2022-05-17T05:28:31Z",
  "published": "2022-05-17T05:28:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2494"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2012-2494

Vulnerability from cvelistv5

fkie_cve-2012-2494

Vulnerability from fkie_nvd

var-201206-0086

Vulnerability from variot

gsd-2012-2494

Vulnerability from gsd

ghsa-52cj-532j-rfcv

Vulnerability from github

Tags

Sightings

Nomenclature