Security Advisory

CVE-2012-2498

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-08-06 17:00:00

Last updated 2024-09-16 16:43:55

Assigner cisco

State PUBLISHED

Description

Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29197.

← Browse all CVEs View on cve.org ↗