This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:cisco:secure_desktop
Detail
VendorCiscoFirst view 2006-10-18
ProductSecure DesktopLast view2015-04-16
VersionTypeApplication
Edition 
Language 
Update 

Activity : Overall

COMMON PLATFORM ENUMERATION : Repartition per Version

CPE NameAffected CVE
cpe:/a:cisco:secure_desktop11
cpe:/a:cisco:secure_desktop:3.1.18
cpe:/a:cisco:secure_desktop:3.0_base7
cpe:/a:cisco:secure_desktop:3.17
cpe:/a:cisco:secure_desktop:3.1_base7
Hide | Show 44 More...
CPE NameAffected CVE
cpe:/a:cisco:secure_desktop:3.1.0.317
cpe:/a:cisco:secure_desktop:3.1.1.277
cpe:/a:cisco:secure_desktop:3.1.1.337
cpe:/a:cisco:secure_desktop:3.1.1.455
cpe:/a:cisco:secure_desktop:3.24
cpe:/a:cisco:secure_desktop:3.2_base4
cpe:/a:cisco:secure_desktop:3.2.0.1364
cpe:/a:cisco:secure_desktop:3.2.14
cpe:/a:cisco:secure_desktop:3.2.1.1034
cpe:/a:cisco:secure_desktop:3.2.1.1264
cpe:/a:cisco:secure_desktop:3.34
cpe:/a:cisco:secure_desktop:3.3_base4
cpe:/a:cisco:secure_desktop:3.3.0.1184
cpe:/a:cisco:secure_desktop:3.3.0.1514
cpe:/a:cisco:secure_desktop:3.44
cpe:/a:cisco:secure_desktop:3.4_base4
cpe:/a:cisco:secure_desktop:3.4.14
cpe:/a:cisco:secure_desktop:3.4.24
cpe:/a:cisco:secure_desktop:3.4.20484
cpe:/a:cisco:secure_desktop:3.4.03733
cpe:/a:cisco:secure_desktop:3.4.11083
cpe:/a:cisco:secure_desktop:3.53
cpe:/a:cisco:secure_desktop:3.5_base3
cpe:/a:cisco:secure_desktop:3.5.10773
cpe:/a:cisco:secure_desktop:3.5.20013
cpe:/a:cisco:secure_desktop:3.5.20083
cpe:/a:cisco:secure_desktop:3.5.8413
cpe:/a:cisco:secure_desktop:3.5.20032
cpe:/a:cisco:secure_desktop:3.6.10012
cpe:/a:cisco:secure_desktop:3.6.1812
cpe:/a:cisco:secure_desktop:3.6.1852
cpe:/a:cisco:secure_desktop:3.6.20022
cpe:/a:cisco:secure_desktop:3.6.30022
cpe:/a:cisco:secure_desktop:3.6.40212
cpe:/a:cisco:secure_desktop:3.6.50052
cpe:/a:cisco:secure_desktop:3.61
cpe:/a:cisco:secure_desktop:3.6_base1
cpe:/a:cisco:secure_desktop:3.6.60201
cpe:/a:cisco:secure_desktop:3.6.61041
cpe:/a:cisco:secure_desktop:3.6.62031
cpe:/a:cisco:secure_desktop:3.6.62101
cpe:/a:cisco:secure_desktop:3.6.62281
cpe:/a:cisco:secure_desktop:3.6.62341
cpe:/a:cisco:secure_desktop:3.6.62491

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
9.32015-04-16CVE-2015-0691NetworkMediumNone Requ...
9.32012-09-24CVE-2012-4655NetworkMediumNone Requ...
4.32012-06-20CVE-2012-2495NetworkMediumNone Requ...
9.32011-02-28CVE-2011-0925NetworkMediumNone Requ...
9.32011-02-25CVE-2011-0926NetworkMediumNone Requ...
Hide | Show 8 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
2.12010-10-14CVE-2009-5008LocalLowNone Requ...
9.32010-04-15CVE-2010-0589NetworkMediumNone Requ...
4.32010-02-03CVE-2010-0440NetworkMediumNone Requ...
4.62006-11-08CVE-2006-5808LocalLowNone Requ...
4.62006-11-08CVE-2006-5807LocalLowNone Requ...
2.12006-11-08CVE-2006-5806LocalLowNone Requ...
2.12006-10-18CVE-2006-5394LocalLowNone Requ...
2.12006-10-18CVE-2006-5393LocalLowNone Requ...

CWE : Common Weakness Enumeration

%idName
62% (5)CWE-20Improper Input Validation
25% (2)CWE-264Permissions, Privileges, and Access Controls
12% (1)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')

SAINT Exploits

DescriptionLink
Cisco Secure Desktop CSDWebInstaller code execMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
73338Cisco Secure Desktop (CSD) CSDWebInstaller.ocx ActiveX inst.exe Program Name ...
73337Cisco Secure Desktop (CSD) CSDWebInstaller.ocx ActiveX Installation Process S...
68633Cisco Secure Desktop (CSD) Crafted Executable Local Policy Restriction Bypass
63809Cisco Secure Desktop (CSD) CSDWebInstaller ActiveX Signature Verification Arb...
62069Cisco Secure Desktop (CSD) /translation POST Request XSS
Hide | Show 5 More...
idDescription
33065Cisco Secure Desktop SSL VPN Local Memory Disclosure
32406Cisco Secure Desktop Cross VPN Session Information Disclosure
30308Cisco Secure Desktop (CSD) Installation Permission Weakness Local Privilege E...
30307Cisco Secure Desktop (CSD) Unspecified System Policy Evasion
30306Cisco Secure Desktop (CSD) SSL VPN Client Browser Session Information Local D...

OpenVAS Exploits

idDescription
2012-09-12Name : Cisco Products ActiveX Control Multiple Vulnerabilities
File : nvt/gb_cisco_prdts_activex_mult_vuln.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2012-A-0104Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
Severity : Category I - VMSKEY : V0033046

Snort® IPS/IDS

DateDescription
2015-04-22Cisco Secure Desktop Applet command execution attempt
RuleID : 34180 - Type : OS-OTHER - Revision : 1
2014-01-10Cisco Secure Desktop CSDWebInstaller ActiveX function call access
RuleID : 24282 - Type : BROWSER-PLUGINS - Revision : 4
2014-01-10Cisco Secure Desktop CSDWebInstaller ActiveX clsid access
RuleID : 24281 - Type : BROWSER-PLUGINS - Revision : 8

Nessus® Vulnerability Scanner

idDescription
2012-09-11Name : The remote Windows host is missing an update that disables selected ActiveX c...
File : smb_kb_2736233.nasl - Type : ACT_GATHER_INFO
2012-07-02Name : The remote host has software installed that is affected by multiple vulnerabi...
File : macosx_cisco_anyconnect_multiple.nasl - Type : ACT_GATHER_INFO
2012-07-02Name : The remote host has software installed that is affected by multiple vulnerabi...
File : cisco_anyconnect_vpn_hostscan_downgrade.nasl - Type : ACT_GATHER_INFO