{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T01:58:59.638","vulnerabilities":[{"cve":{"id":"CVE-2021-1568","sourceIdentifier":"psirt@cisco.com","published":"2021-06-16T18:15:08.943","lastModified":"2024-11-21T05:44:38.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to uncontrolled memory allocation. An attacker could exploit this vulnerability by copying a crafted file to a specific folder on the system. A successful exploit could allow the attacker to crash the VPN Agent service when the affected application is launched, causing it to be unavailable to all users of the system. To exploit this vulnerability, the attacker must have valid credentials on a multiuser Windows system."},{"lang":"es","value":"Una vulnerabilidad en Cisco AnyConnect Secure Mobility Client para Windows, podría permitir a un atacante local autenticado causar una condición de denegación de servicio (DoS) en un sistema afectado. Esta vulnerabilidad es debido a una asignación no controlada de la memoria. Un atacante podría explotar esta vulnerabilidad copiando un archivo diseñado en una carpeta específica del sistema. Una explotación con éxito podría permitir al atacante bloquear el servicio de Agente VPN cuando es lanzada la aplicación afectada, causando que no esté disponible para todos los usuarios del sistema. Para explotar esta vulnerabilidad, el atacante debe tener credenciales válidas en un sistema Windows multiusuario"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:P","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*","versionEndExcluding":"4.10.01075","matchCriteriaId":"00CD6C70-8B34-468B-9937-566390D6CBD0"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dos-hMhyDfb8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}