CVE-2007-1067

3 documents3 sources

Severity

7.2HIGH

EPSS

0.1%

top 76.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Secure Services Client Cisco Security Agent Cisco Trust Agent +1 more

Timeline

PublishedFeb 22

Latest updateMay 1

Description

Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages4 packages

▶NVDcisco/trust_agent1

▶NVDcisco/security_agent5.0, 5.1+1

▶NVDcisco/secure_services_client4.x

▶NVDmeetinghouse/aegis_secureconnect_clientwindows_platform

🔴Vulnerability Details

GHSA

GHSA-8vjf-qj5h-9992: Cisco Secure Services Client (CSSC) 4↗2022-05-01

▶

CVEList

CVE-2007-1067: Cisco Secure Services Client (CSSC) 4↗2007-02-22

▶