cisco-sa-secure-privesc-sYxQO6ds: Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability
First published: Wed Mar 06 2024(Updated: )
A vulnerability in the ISE Posture (System Scan) module of Cisco Secure Client for Linux could allow an authenticated, local attacker to elevate privileges on an affected device.This vulnerability is due to the use of an uncontrolled search path element. An attacker could exploit this
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Secure |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-secure-privesc-sYxQO6ds?
The cisco-sa-secure-privesc-sYxQO6ds vulnerability is classified as a privilege escalation vulnerability.
How do I fix cisco-sa-secure-privesc-sYxQO6ds?
To mitigate cisco-sa-secure-privesc-sYxQO6ds, update the Cisco Secure Client to the latest version provided by Cisco.
Who is affected by cisco-sa-secure-privesc-sYxQO6ds?
Cisco Secure Client for Linux users are affected by the cisco-sa-secure-privesc-sYxQO6ds vulnerability.
What type of attack does cisco-sa-secure-privesc-sYxQO6ds enable?
cisco-sa-secure-privesc-sYxQO6ds allows an authenticated, local attacker to elevate privileges on the affected device.
What causes cisco-sa-secure-privesc-sYxQO6ds?
The cisco-sa-secure-privesc-sYxQO6ds vulnerability is due to the use of an uncontrolled search path element.
- collector/cisco-recent
- source/Cisco
- agent/title
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/cisco
- canonical/cisco secure