Certificate bypass vulnerability in Cisco AnyConnect Secure Mobility Client - CVE-2018-0334ID: oval:org.secpod.oval:def:82602 | Date: (C)2022-08-04 (M)2022-08-04 |
Class: VULNERABILITY | Family: windows |
The host is installed with Cisco AnyConnect Secure Mobility Client 4.6.00100 is prone to a certificate bypass vulnerability. A flaw is present in the application which fails to properly validate the simple certificate enrollment protocol and improper server certificate. Successful exploitation could allows attackers to remotely change the configuration profile, a certificate, or the localization data used by AnyConnect Secure Mobility Client.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
Cisco AnyConnect Secure Mobility Client |