Main Vulnerability Database Vulnerabilities #VU10120

XXE attack in Cisco AnyConnect Secure Mobility Client - CVE-2018-0100

Published: January 22, 2018

Vulnerability identifier: #VU10120

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2018-0100

CWE-ID: CWE-611

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco AnyConnect Secure Mobility Client

Detailed vulnerability description

The vulnerability allows a local unauthenticated attacker to perform XXE attack on the target system.

The weakness exists in the Profile Editor of the Cisco AnyConnect Secure Mobility Client due to improper handling of XML External Entity (XXE) entries when parsing an XML file. A local attacker can inject a specially crafted XML file with malicious entries to gain read and write access to the files.

How to mitigate CVE-2018-0100

Install update from vendor's website.

Sources

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-acpe

XXE attack in Cisco AnyConnect Secure Mobility Client - CVE-2018-0100

Detailed vulnerability description

How to mitigate CVE-2018-0100

Sources

Please verify you're human