MacOS Local Privilege Escalation Exploitable through Cisco AnyConnect Secure Mobility Client

THIS DOCUMENT IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-36961 : SOLARWINDS ORION PLATFORM VERB SQL INJECTION

CVE-2022-36961 : SOLARWINDS ORION PLATFORM VERB SQL INJECTION

Description A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege

CVE-2022-42302 : VERITAS NETBACKUP UP TO 10.0 NBFSMCLIENT SERVICE SQL INJECTION

CVE-2022-42302 : VERITAS NETBACKUP UP TO 10.0 NBFSMCLIENT SERVICE SQL INJECTION

Description An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

Description isolated-vm is a library for nodejs which gives the user access to v8’s Isolate interface. In versions 4.3.6 and