cbcvebase.
CVE-2012-2498
published 2012-08-06

CVE-2012-2498: Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows…

medium4CVSS 3.1
AVNACHAuNCPIPAN
Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29197.

Affected

5 ranges
VendorProductVersion rangeFixed in
ciscoanyconnect_secure_mobility_client
ciscoanyconnect_secure_mobility_client
ciscoanyconnect_secure_mobility_client
ciscoanyconnect_secure_mobility_client
ciscoanyconnect_secure_mobility_client