CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-3088

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0310%
EPSS Percentile13.63th
Published2012年9月16日
Last Modified2026年4月29日

Vulnerability Description

Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.

Affected Platforms (CPE)

📦
Cisco

Anyconnect Secure Mobility Client

= 3.1.0
📦
Cisco

Anyconnect Secure Mobility Client

= 3.2.0

References & Advisories

🔗 http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/78920
🔗 http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/78920

相关漏洞威胁

CVE-2012-24939.3

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Window...

CVE-2011-20409.3

The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x befo...

CVE-2021-13667.8

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow...

CVE-2020-34337.8

A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow...