Описание
Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00484
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.
EPSS
Процентиль: 65%
0.00484
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo