CVE-2013-1215

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

T

he vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances (ASA) 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295.

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1215	Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1215	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:5500_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:asa_5500::::::::

History

21 Nov 2024, 01:49

Type	Values Removed	Values Added
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1215 - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1215 - Vendor Advisory

Information

Published : 2013-04-25 20:55

Updated : 2025-04-11 00:51

NVD link : CVE-2013-1215

Mitre link : CVE-2013-1215

CVE.ORG link : CVE-2013-1215

JSON object : View

Products Affected

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2013-1215", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-04-25T20:55:09.587", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1215", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1215", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "The vpnclient program in the Easy VPN component on Cisco Adaptive Security Appliances (ASA) 5505 devices allows local users to gain privileges via unspecified vectors, aka Bug ID CSCuf85295."}, {"lang": "es", "value": "El programa vpnclient en el componente de Easy VPN de Cisco Adaptive Security Appliances (ASA) dispositivos 5505 permite a usuarios locales conseguir privilegios a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuf85295."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301"}, {"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}