CVE-2010-3903Openconnect vulnerability

5 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 46.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Infradead Openconnect
Timeline
PublishedOct 14
Latest updateMay 17

Description

Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service (application crash) via a 404 HTTP status code.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

Debianinfradead/openconnect< 2.25-0.1+3

🔴Vulnerability Details

3
GHSA
GHSA-w55v-q4px-2w63: Unspecified vulnerability in OpenConnect before 22022-05-17
OSV
CVE-2010-3903: Unspecified vulnerability in OpenConnect before 22010-10-14
CVEList
CVE-2010-3903: Unspecified vulnerability in OpenConnect before 22010-10-12

📋Vendor Advisories

1
Debian
CVE-2010-3903: openconnect - Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SS...2010
CVE-2010-3903 — Infradead Openconnect vulnerability | cvebase