CVE-2017-12268 - OpenCVE

A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Anyconnect Secure Mobility Client

Configuration 1 [-]

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.5\(822\):*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/101157
http://www.securitytracker.com/id/1039507
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2017-10-05T07:00:00

Updated: 2024-08-05T18:28:16.840Z

Reserved: 2017-08-03T00:00:00

Link: CVE-2017-12268

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-10-05T07:29:00.700

Modified: 2019-10-09T23:22:47.653

Link: CVE-2017-12268

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco AnyConnect Network Access Manager", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco AnyConnect Network Access Manager"}]}], "datePublic": "2017-10-05T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-264", "description": "CWE-264", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2017-10-06T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam"}, {"name": "1039507", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039507"}, {"name": "101157", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101157"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2017-12268", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco AnyConnect Network Access Manager", "version": {"version_data": [{"version_value": "Cisco AnyConnect Network Access Manager"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-264"}]}]}, "references": {"reference_data": [{"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam"}, {"name": "1039507", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039507"}, {"name": "101157", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101157"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T18:28:16.840Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam"}, {"name": "1039507", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039507"}, {"name": "101157", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101157"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-12268", "datePublished": "2017-10-05T07:00:00", "dateReserved": "2017-08-03T00:00:00", "dateUpdated": "2024-08-05T18:28:16.840Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.5\\(822\\):*:*:*:*:*:*:*", "matchCriteriaId": "DB1DAD51-466B-4D98-8A77-5E29BD30A3C7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539."}, {"lang": "es", "value": "Un vulnerabilidad en el NAM (Network Access Manager) de Cisco AnyConnect Secure Mobility Client podr\u00eda permitir que un atacante local autenticado habilite m\u00faltiples adaptadores de red. Esta vulnerabilidad tambi\u00e9n se conoce como \"Dual-Home Interface Vulnerability\". Esta vulnerabilidad se debe a la falta de mecanismos suficientes para el cumplimiento de pol\u00edticas NAM. Un atacante podr\u00eda explotar esta vulnerabilidad manipulando las interfaces de red del dispositivo para permitir que haya varias activas al mismo tiempo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante env\u00ede tr\u00e1fico a trav\u00e9s de una interfaz de red que no est\u00e1 autorizada. Cisco Bug IDs: CSCvf66539."}], "id": "CVE-2017-12268", "lastModified": "2019-10-09T23:22:47.653", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-10-05T07:29:00.700", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101157"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039507"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-anam"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-264"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}