Vulnerability Details : CVE-2011-2040
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a Java applet, aka Bug ID CSCsy05934.
Vulnerability category: Execute code
Products affected by CVE-2011-2040
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2018:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.1025:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2011:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2010:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2006:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2001:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.254:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.185:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2017:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2014:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
Exploit prediction scoring system (EPSS) score for CVE-2011-2040
2.71%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-2040
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2011-2040
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-2040
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80123.shtml
Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client - CiscoVendor Advisory
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=910
-
http://www.securitytracker.com/id?1025591
Cisco AnyConnect Secure Mobility Client Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/67739
Cisco AnyConnect Secure Mobility Client helper application code execution CVE-2011-2040 Vulnerability Report
-
http://www.kb.cert.org/vuls/id/490097
VU#490097 - Cisco AnyConnect SSL VPN arbitrary code executionUS Government Resource
Jump to