CVE-2009-5008

low

Cisco

CVSS v3 Base Score

2.1

AV:L/AC:L/Au:N/C:N/I:P/A:N

EPSS Score

0.1%

Exploitation probability in 30 days

Top 81% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

None

Published: October 14, 2010 (5691 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file.

CWE

CWE-264

Affected Products

cisco secure desktop

References

🔗 www.infradead.org 🔗 www.infradead.org

CVE-2009-5008

Vulnerability Report

Description

CWE

Affected Products

References