First published: Mon Aug 06 2012(Updated: )
Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29197.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Anyconnect Secure Mobility Client | =3.0 | |
Cisco Anyconnect Secure Mobility Client | =3.0.0629 | |
Cisco Anyconnect Secure Mobility Client | =3.0.07059 | |
Cisco Anyconnect Secure Mobility Client | =3.0.08057 | |
Cisco Anyconnect Secure Mobility Client | =3.0.08066 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.