From da4b4cbc100631cad4ba612f4f4097de80a17129 Mon Sep 17 00:00:00 2001 From: santosomar Date: Thu, 6 Aug 2020 01:05:24 +0000 Subject: [PATCH] Adding Cisco CVE-2020-3435 --- 2020/3xxx/CVE-2020-3435.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2020/3xxx/CVE-2020-3435.json b/2020/3xxx/CVE-2020-3435.json index 50f9e12790d..69ae89ede7f 100644 --- a/2020/3xxx/CVE-2020-3435.json +++ b/2020/3xxx/CVE-2020-3435.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2020-08-05T16:00:00", "ID": "CVE-2020-3435", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco AnyConnect Secure Mobility Client for Windows Profile Modification Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco AnyConnect Secure Mobility Client ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.\r The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process on an affected device. A successful exploit could allow the attacker to modify VPN profile files. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "5.5", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20200805 Cisco AnyConnect Secure Mobility Client for Windows Profile Modification Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-profile-7u3PERKF" + } + ] + }, + "source": { + "advisory": "cisco-sa-anyconnect-profile-7u3PERKF", + "defect": [ + [ + "CSCvu14938" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +}