VAR-201206-0086
Vulnerability from variot - Updated: 2023-12-18 12:22The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco AnyConnect VPN Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists because the VPN AnyConnect helper program does not check the version number of the vpndownloader.exe program it downloads. As such it is possible to forcefully install an older version of the vpndownloader.exe that is vulnerable to previously patched issues. This older version of the client software may contain vulnerabilities which can be exploited by the attacker to perform further attacks. These issues are tracked by Cisco Bug IDs CSCtw48681 and CSCtx74235. Cisco AnyConnect Secure Mobility is a secure enterprise mobility solution. Also known as Bug ID CSCtw48681.
-
-- Vendor Response: Cisco has issued an update to correct this vulnerability. More details can be found at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco- sa-20120620-ac
-
-- Disclosure Timeline: 2011-11-22 - Vulnerability reported to vendor 2012-08-22 - Coordinated public release of advisory
-
-- Credit: This vulnerability was discovered by:
-
gwslabs.com
-
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 10.2.0 (Build 1950) Charset: utf-8
wsBVAwUBUDT/PFVtgMGTo1scAQLLzgf9HBKVYWR/BvvgxJa3/JvOrqcitJ3YJbtB w1mms3xSCBArm9xVo3FyeM4is6+94bG5v6gSD2Q774+1JP8eLsPSJgCGygL8qrxI jKKd2vpaIVEska4Q1yGBOaGh/Gbh6zoGOErL1KjbHD2nEG9olu8aKkMw+4JEPewe ZtL6XOAPZlPvpR9pG9nAxB4BqyhY10Hc+s35ovQIMQQO9S3GUR18GrVy+bXsQKpe nm6ovRLqHaSwq0hCHbHmhKwiCepqV+1KFy9aZSbCXU4VpiaO1N1llDB1L+o3g9bQ q9vBUrbuw4rJqb5hSdQSi+ZJylSVmuHTLo8tOHwXmJlK1lrs3lUiww== =8yO6 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201206-0086",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.5"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.3.254"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.3.185"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "2.3"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.2.140"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.4.0202"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.3.2016"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.4"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "2.4.1012"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.133"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.136"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2.128"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.0"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.2"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "2.1"
},
{
"model": "anyconnect secure mobility client",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "2.x"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "2.5 mr6"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.0 mr8"
},
{
"model": "anyconnect secure mobility client",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "3.x"
},
{
"model": "anyconnect vpn client",
"scope": null,
"trust": 0.7,
"vendor": "cisco",
"version": null
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.1077"
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.5.841"
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.4.2048"
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1.45"
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1.33"
},
{
"model": "secure desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.629"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.3046"
},
{
"model": "anyconnect secure mobility client",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "2.5.3041"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"db": "BID",
"id": "54108"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2494"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "gwslabs.com",
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-149"
}
],
"trust": 0.7
},
"cve": "CVE-2012-2494",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-2494",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2012-2494",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-55775",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-2494",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ZDI",
"id": "CVE-2012-2494",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201206-374",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-55775",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"db": "VULHUB",
"id": "VHN-55775"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco AnyConnect VPN Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists because the VPN AnyConnect helper program does not check the version number of the vpndownloader.exe program it downloads. As such it is possible to forcefully install an older version of the vpndownloader.exe that is vulnerable to previously patched issues. This older version of the client software may contain vulnerabilities which can be exploited by the attacker to perform further attacks. \nThese issues are tracked by Cisco Bug IDs CSCtw48681 and CSCtx74235. Cisco AnyConnect Secure Mobility is a secure enterprise mobility solution. Also known as Bug ID CSCtw48681. \n\n- -- Vendor Response:\nCisco has issued an update to correct this vulnerability. More details can\nbe found at:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-\nsa-20120620-ac\n\n- -- Disclosure Timeline:\n2011-11-22 - Vulnerability reported to vendor\n2012-08-22 - Coordinated public release of advisory\n\n- -- Credit:\nThis vulnerability was discovered by:\n* gwslabs.com\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 10.2.0 (Build 1950)\nCharset: utf-8\n\nwsBVAwUBUDT/PFVtgMGTo1scAQLLzgf9HBKVYWR/BvvgxJa3/JvOrqcitJ3YJbtB\nw1mms3xSCBArm9xVo3FyeM4is6+94bG5v6gSD2Q774+1JP8eLsPSJgCGygL8qrxI\njKKd2vpaIVEska4Q1yGBOaGh/Gbh6zoGOErL1KjbHD2nEG9olu8aKkMw+4JEPewe\nZtL6XOAPZlPvpR9pG9nAxB4BqyhY10Hc+s35ovQIMQQO9S3GUR18GrVy+bXsQKpe\nnm6ovRLqHaSwq0hCHbHmhKwiCepqV+1KFy9aZSbCXU4VpiaO1N1llDB1L+o3g9bQ\nq9vBUrbuw4rJqb5hSdQSi+ZJylSVmuHTLo8tOHwXmJlK1lrs3lUiww==\n=8yO6\n-----END PGP SIGNATURE-----\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"db": "BID",
"id": "54108"
},
{
"db": "VULHUB",
"id": "VHN-55775"
},
{
"db": "PACKETSTORM",
"id": "115785"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-55775",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55775"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-2494",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-12-149",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1412",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201206-374",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20120620 MULTIPLE VULNERABILITIES IN CISCO ANYCONNECT SECURE MOBILITY CLIENT",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "19866",
"trust": 0.6
},
{
"db": "BID",
"id": "54108",
"trust": 0.3
},
{
"db": "PACKETSTORM",
"id": "115785",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-55775",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"db": "VULHUB",
"id": "VHN-55775"
},
{
"db": "BID",
"id": "54108"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"db": "PACKETSTORM",
"id": "115785"
},
{
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
]
},
"id": "VAR-201206-0086",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-55775"
}
],
"trust": 0.8222222
},
"last_update_date": "2023-12-18T12:22:01.577000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20120620-ac",
"trust": 1.5,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120620-ac"
},
{
"title": "26197",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26197"
},
{
"title": "Update Rollup for ActiveX Kill Bits (2736233)",
"trust": 0.8,
"url": "http://technet.microsoft.com/en-us/security/advisory/2736233"
},
{
"title": "Java SE Development Kit 7, Update 9 (JDK 7u9)",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/java/javase/7u9-relnotes-1863279.html"
},
{
"title": "Java SE Development Kit 6, Update 37 (JDK 6u37)",
"trust": 0.8,
"url": "http://www.oracle.com/technetwork/java/javase/6u37-relnotes-1863283.html"
},
{
"title": "cisco-sa-20120620-ac",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/jp/111/1115/1115492_cisco-sa-20120620-ac-j.html"
},
{
"title": "ActiveX \u306e Kill Bit \u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u30ed\u30fc\u30eb\u30a2\u30c3\u30d7 (2736233)",
"trust": 0.8,
"url": "http://technet.microsoft.com/ja-jp/security/advisory/2736233"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-55775"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"db": "NVD",
"id": "CVE-2012-2494"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120620-ac"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-2494"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-2494"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/19866"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://technet.microsoft.com/en-us/security/advisory/2736233"
},
{
"trust": 0.3,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-149/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-12-149"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2494"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"db": "VULHUB",
"id": "VHN-55775"
},
{
"db": "BID",
"id": "54108"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"db": "PACKETSTORM",
"id": "115785"
},
{
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"db": "VULHUB",
"id": "VHN-55775"
},
{
"db": "BID",
"id": "54108"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"db": "PACKETSTORM",
"id": "115785"
},
{
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-22T00:00:00",
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"date": "2012-06-20T00:00:00",
"db": "VULHUB",
"id": "VHN-55775"
},
{
"date": "2012-06-20T00:00:00",
"db": "BID",
"id": "54108"
},
{
"date": "2012-06-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"date": "2012-08-23T01:56:37",
"db": "PACKETSTORM",
"id": "115785"
},
{
"date": "2012-06-20T20:55:02.543000",
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"date": "2012-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-08-22T00:00:00",
"db": "ZDI",
"id": "ZDI-12-149"
},
{
"date": "2012-06-21T00:00:00",
"db": "VULHUB",
"id": "VHN-55775"
},
{
"date": "2015-03-19T08:41:00",
"db": "BID",
"id": "54108"
},
{
"date": "2012-12-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-002811"
},
{
"date": "2012-06-21T04:00:00",
"db": "NVD",
"id": "CVE-2012-2494"
},
{
"date": "2012-06-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "115785"
},
{
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco AnyConnect Secure Mobility Client Vulnerabilities forced to downgrade versions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-002811"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201206-374"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…