CVE-2009-5008

EUVD-2009-4970
Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
ciscosecure_desktop
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.infradead.org/openconnect.html
http://www.infradead.org/openconnect.html