CVE-2012-2495: Input Validation
First published: Wed Jun 20 2012(Updated: )
The HostScan downloader implementation in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR8 and Cisco Secure Desktop before 3.6.6020 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtx74235.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco AnyConnect | =3.0 | |
| Cisco Secure Desktop | <=3.5.2008 | |
| Cisco Secure Desktop | =3.1 | |
| Cisco Secure Desktop | =3.1.1 | |
| Cisco Secure Desktop | =3.1.1.27 | |
| Cisco Secure Desktop | =3.1.1.33 | |
| Cisco Secure Desktop | =3.1.1.45 | |
| Cisco Secure Desktop | =3.2 | |
| Cisco Secure Desktop | =3.2.1 | |
| Cisco Secure Desktop | =3.3 | |
| Cisco Secure Desktop | =3.4 | |
| Cisco Secure Desktop | =3.4.1 | |
| Cisco Secure Desktop | =3.4.2 | |
| Cisco Secure Desktop | =3.4.2048 | |
| Cisco Secure Desktop | =3.5 | |
| Cisco Secure Desktop | =3.5.841 | |
| Cisco Secure Desktop | =3.5.1077 | |
| Cisco Secure Desktop | =3.5.2001 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-2495?
CVE-2012-2495 is classified as a moderate severity vulnerability due to its potential for exploitation leading to version downgrades.
How do I fix CVE-2012-2495?
To fix CVE-2012-2495, upgrade Cisco AnyConnect Secure Mobility Client to version 3.0 MR8 or later, and Cisco Secure Desktop to version 3.6.6020 or later.
What systems are affected by CVE-2012-2495?
CVE-2012-2495 affects Cisco AnyConnect Secure Mobility Client versions prior to 3.0 MR8 and several versions of Cisco Secure Desktop up to 3.5.2008.
Can CVE-2012-2495 be exploited remotely?
Yes, CVE-2012-2495 can be exploited by remote attackers to force a version downgrade without proper authentication.
What is the nature of the vulnerability in CVE-2012-2495?
CVE-2012-2495 involves the HostScan downloader not comparing timestamps of offered software with installed software, allowing an attacker to manipulate software versions.
- agent/type
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco anyconnect
- version/cisco anyconnect/3.0
- canonical/cisco secure desktop
- version/cisco secure desktop/3.5.2008
- version/cisco secure desktop/3.1
- version/cisco secure desktop/3.1.1
- version/cisco secure desktop/3.1.1.27
- version/cisco secure desktop/3.1.1.33
- version/cisco secure desktop/3.1.1.45
- version/cisco secure desktop/3.2
- version/cisco secure desktop/3.2.1
- version/cisco secure desktop/3.3
- version/cisco secure desktop/3.4
- version/cisco secure desktop/3.4.1
- version/cisco secure desktop/3.4.2
- version/cisco secure desktop/3.4.2048
- version/cisco secure desktop/3.5
- version/cisco secure desktop/3.5.841
- version/cisco secure desktop/3.5.1077
- version/cisco secure desktop/3.5.2001