CVE-2012-2500 in AnyConnect Secure Mobility Clientinformación

Resumen (Inglés)

Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29470.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservar

2012-05-07

Divulgación

2012-08-06

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
5916	Cisco AnyConnect Secure Mobility Client cifrado débil	310	No está definido	Arreglo oficial	CVE-2012-2500

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

MITRE
NVD
CVE Details

◂ AnteriorVisión De ConjuntoPróximo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!