Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 on Linux accepts arbitrary X.509 server certificates without user interaction, which allows remote attackers to obtain sensitive information via vectors involving an invalid certificate, aka Bug ID CSCua11967.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco AnyConnect Secure Mobility Client 信息泄露漏洞
Vulnerability Description
Cisco AnyConnect Secure Mobility是一个安全的企业移动解决方案。 基于Linux系统下的Cisco AnyConnect Secure Mobility Client 3.1.00495之前的3.1.x版本中的download_install组件中的VPN下载器中存在漏洞,该漏洞源于没有用户交互的情况下接受任意X.509服务器证书。远程攻击者可利用该漏洞通过包含无效证书的向量获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A