CVE-2012-1370Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Anyconnect Secure Mobility Client

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
3.5LOWNVD
EPSS
0.5%
top 35.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Anyconnect Secure Mobility Client
Timeline
PublishedAug 6
Latest updateMay 17

Description

Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 allows remote authenticated users to cause a denial of service (vpnagentd process crash) via a crafted packet, aka Bug ID CSCty01670.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDcisco/anyconnect_secure_mobility_client3.0, 3.0.0629, 3.0.07059+2

🔴Vulnerability Details

2
GHSA
GHSA-xh58-gg99-9cgg: Cisco AnyConnect Secure Mobility Client 32022-05-17
CVEList
CVE-2012-1370: Cisco AnyConnect Secure Mobility Client 32012-08-06
CVE-2012-1370 — Cisco vulnerability | cvebase