CVE-2013-1173 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Anyconnect Secure Mobility Client
Severity
6.6MEDIUMNVD
EPSS
0.1%
top 74.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 11
Latest updateMay 17
Description
Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143.
CVSS vector
AV:L/AC:M/C:C/I:C/A:CExploitability: 2.7 | Impact: 10.0