CVE-2012-2499
published 2012-08-06CVE-2012-2499: The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate, which…
medium5.8CVSS 3.1
AVNACMAuNCPIPAN
The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz26985.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | — | — |
| cisco | anyconnect_secure_mobility_client | — | — |
| cisco | anyconnect_secure_mobility_client | — | — |