A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system. This vulnerability affects versions prior to released versions 4.4.00243 and later and 4.3.05017 and later. Cisco Bug IDs: CSCvc43976.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Cisco
  • Anyconnect Secure Mobility Client

Configuration 1 [-]

OR cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00048:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00051:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00052:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00057:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00061:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.00028:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.02011:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.04011:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.06013:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.06020:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.08005:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.00096:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.01022:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.01035:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.02075:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.03013:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.04018:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.04039:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.05015:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.2.06014:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.00748:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.01095:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.02039:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.03086:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.3.04027:*:*:*:*:*:*:*
References
Link Resource
http://www.securityfocus.com/bid/96145
http://www.securitytracker.com/id/1037796
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170208-anyconnect Vendor Advisory
https://www.exploit-db.com/exploits/41476/
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2017-02-09T17:00:00

Updated: 2017-07-24T12:57:01

Reserved: 2016-12-21T00:00:00

Link: CVE-2017-3813

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2017-02-09T17:59:00.187

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-3813

JSON object: View

cve-icon Redhat Information

No data.

CWE