CVE-2015-0691: OS Command Injection
First published: Fri Apr 17 2015(Updated: )
A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Secure Desktop | =3.0_base | |
| Cisco Secure Desktop | =3.1.0.31 | |
| Cisco Secure Desktop | =3.1.1 | |
| Cisco Secure Desktop | =3.1.1.45 | |
| Cisco Secure Desktop | =3.1_base | |
| Cisco Secure Desktop | =3.2.0.136 | |
| Cisco Secure Desktop | =3.2.1.103 | |
| Cisco Secure Desktop | =3.2.1.126 | |
| Cisco Secure Desktop | =3.2_base | |
| Cisco Secure Desktop | =3.3.0.118 | |
| Cisco Secure Desktop | =3.3.0.151 | |
| Cisco Secure Desktop | =3.3_base | |
| Cisco Secure Desktop | =3.4.0373 | |
| Cisco Secure Desktop | =3.4.1108 | |
| Cisco Secure Desktop | =3.4.2048 | |
| Cisco Secure Desktop | =3.4_base | |
| Cisco Secure Desktop | =3.5.841 | |
| Cisco Secure Desktop | =3.5.1077 | |
| Cisco Secure Desktop | =3.5.2001 | |
| Cisco Secure Desktop | =3.5.2003 | |
| Cisco Secure Desktop | =3.5.2008 | |
| Cisco Secure Desktop | =3.5_base | |
| Cisco Secure Desktop | =3.6.181 | |
| Cisco Secure Desktop | =3.6.185 | |
| Cisco Secure Desktop | =3.6.1001 | |
| Cisco Secure Desktop | =3.6.2002 | |
| Cisco Secure Desktop | =3.6.3002 | |
| Cisco Secure Desktop | =3.6.4021 | |
| Cisco Secure Desktop | =3.6.5005 | |
| Cisco Secure Desktop | =3.6.6020 | |
| Cisco Secure Desktop | =3.6.6104 | |
| Cisco Secure Desktop | =3.6.6203 | |
| Cisco Secure Desktop | =3.6.6210 | |
| Cisco Secure Desktop | =3.6.6228 | |
| Cisco Secure Desktop | =3.6.6234 | |
| Cisco Secure Desktop | =3.6.6249 | |
| Cisco Secure Desktop | =3.6_base |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/description
- agent/event
- agent/last-modified-date
- agent/references
- agent/severity
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/cisco
- canonical/cisco secure desktop
- version/cisco secure desktop/3.0_base
- version/cisco secure desktop/3.1.0.31
- version/cisco secure desktop/3.1.1
- version/cisco secure desktop/3.1.1.45
- version/cisco secure desktop/3.1_base
- version/cisco secure desktop/3.2.0.136
- version/cisco secure desktop/3.2.1.103
- version/cisco secure desktop/3.2.1.126
- version/cisco secure desktop/3.2_base
- version/cisco secure desktop/3.3.0.118
- version/cisco secure desktop/3.3.0.151
- version/cisco secure desktop/3.3_base
- version/cisco secure desktop/3.4.0373
- version/cisco secure desktop/3.4.1108
- version/cisco secure desktop/3.4.2048
- version/cisco secure desktop/3.4_base
- version/cisco secure desktop/3.5.841
- version/cisco secure desktop/3.5.1077
- version/cisco secure desktop/3.5.2001
- version/cisco secure desktop/3.5.2003
- version/cisco secure desktop/3.5.2008
- version/cisco secure desktop/3.5_base
- version/cisco secure desktop/3.6.181
- version/cisco secure desktop/3.6.185
- version/cisco secure desktop/3.6.1001
- version/cisco secure desktop/3.6.2002
- version/cisco secure desktop/3.6.3002
- version/cisco secure desktop/3.6.4021
- version/cisco secure desktop/3.6.5005
- version/cisco secure desktop/3.6.6020
- version/cisco secure desktop/3.6.6104
- version/cisco secure desktop/3.6.6203
- version/cisco secure desktop/3.6.6210
- version/cisco secure desktop/3.6.6228
- version/cisco secure desktop/3.6.6234
- version/cisco secure desktop/3.6.6249
- version/cisco secure desktop/3.6_base