CVE-2012-2494 — Improper Input Validation in Cisco Anyconnect Secure Mobility Client

CWE-20 — Improper Input Validation CWE-3996 documents5 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 58.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Anyconnect Secure Mobility Client

Timeline

PublishedJun 20

Latest updateMay 17

Description

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 and 3.x before 3.0 MR8 does not compare the timestamp of offered software to the timestamp of installed software, which allows remote attackers to force a version downgrade by using (1) ActiveX or (2) Java components to offer signed code that corresponds to an older software release, aka Bug ID CSCtw48681.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/anyconnect_secure_mobility_client16 versions+15

🔴Vulnerability Details

GHSA

GHSA-52cj-532j-rfcv: The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2↗2022-05-17

▶

CVEList

CVE-2012-2494: The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2↗2012-06-20

▶

📋Vendor Advisories

Cisco

Cisco AnyConnect Secure Mobility Client Software Downgrade Vulnerability↗2012-06-20

▶

Cisco

Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client↗2012-06-20

▶

Red Hat

kernel: taskstats io infoleak↗2011-06-21

▶