CVE-2015-6322

medium

Cisco

CVSS v3 Base Score

6.6

AV:L/AC:L/Au:N/C:N/I:C/A:C

EPSS Score

0.1%

Exploitation probability in 30 days

Top 74% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

Published: October 12, 2015 (3867 days ago)

Last Modified: May 6, 2026

Vendor: Cisco

Source: NVD

Description

The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563.

CWE

CWE-264

Affected Products

cisco anyconnect secure mobility client

References

🔗 tools.cisco.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 www.securitytracker.com

CVE-2015-6322

Vulnerability Report

Description

CWE

Affected Products

References