CVE-2012-2500
published 2012-08-06CVE-2012-2500: Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which…
medium4CVSS 3.1
AVNACHAuNCPIPAN
Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29470.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | anyconnect_secure_mobility_client | — | — |
| cisco | anyconnect_secure_mobility_client | — | — |
| cisco | anyconnect_secure_mobility_client | — | — |