Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-16007

Опубликовано: 23 сент. 2020
Источник: nvd
CVSS3: 5.9
CVSS3: 7.1
CVSS2: 5.8
EPSS Низкий

Описание

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:android:*:*
Версия до 4.8.00826 (исключая)

EPSS

Процентиль: 50%
0.00265
Низкий

5.9 Medium

CVSS3

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-345
CWE-345

Связанные уязвимости

github логотип

GHSA-prgx-65ww-w7j5

github
больше 3 лет назад

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. The vulnerability is due to the use of implicit service invocations. An attacker could exploit this vulnerability by persuading a user to install a malicious application. A successful exploit could allow the attacker to access confidential user information or cause a DoS condition on the AnyConnect application.

fstec логотип

BDU:2020-00872

CVSS3: 5.9
fstec
около 6 лет назад

Уязвимость средства криптографической защиты Cisco AnyConnect Secure Mobility Client, связана с недостаточной проверкой подлинности данных, позволяющая нарушителю вызвать отказ в обслуживании или раскрыть защищаемую информацию

EPSS

Процентиль: 50%
0.00265
Низкий

5.9 Medium

CVSS3

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-345
CWE-345