Thursday, 17 August 2017

On 01:03 by admin in    No comments
A vulnerability has been found in Cisco AnyConnect Secure Mobility Client (the affected version is unknown) and classified as critical. This vulnerability affects the function WebLaunch. The manipulation with an unknown input leads to a cross site scripting vulnerability. The CWE definition for the vulnerability is CWE-80. As an impact it is known to affect integrity. An attacker might be able to inject arbitrary html and script code into the web site. This would alter the appearance and would make it possible to initiate further attacks against site visitors.

The weakness was shared 08/16/2017 by Cisco as cisco-sa-20170816-caw as confirmed advisory (Website). The advisory is shared for download at tools.cisco.com. This vulnerability was named CVE-2017-6788. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details are known, but there is no available exploit. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 08/17/2017).

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at SecurityTracker (ID 1039190).

CVSSv3

VulDB Base Score5.3
VulDB Temp Score5.1
VulDB VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:O/RC:C
VulDB Reliability: High

Vendor Base Score (Cisco): 6.1
Vendor Vector (Cisco)CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:X/RL:X/RC:X

CVSSv2

VectorComplexityAuthenticationConfidentialityIntegrityAvailability
LocalHighMultipleNoneNoneNone
AdjacentMediumSinglePartialPartialPartial
NetworkLowNoneCompleteCompleteComplete
VulDB Base Score4.3 (CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
VulDB Temp Score3.7 (CVSS2#E:ND/RL:OF/RC:C)
VulDB Reliability: High

CPE

  • cpe:/a:cisco:anyconnect_secure_mobility_client

Exploiting

Class: Cross site scripting (CWE-80)
Local: No
Remote: Yes

Availability: No

Price Prediction: steady
Current Price Estimation

0-Day$0-$5k$5k-$25k$25k-$100k$100k-$500k
Today$0-$5k$5k-$25k$25k-$100k$100k-$500k
Countermeasures

Recommended: Upgrade
Status: Official fix
0-Day Time: 0 days since found

Timeline

08/16/2017   Advisory disclosed
08/17/2017  +1 days VulDB entry created
08/17/2017  +0 days SecurityTracker entry created
08/17/2017  +0 days VulDB last update

Sources

Advisorycisco-sa-20170816-caw
Researcher: Cisco
Status: Confirmed

CVE: CVE-2017-6788 (mitre.org) (nvd.nist.org) (cvedetails.com)

0 comments:

Post a Comment