The host is installed with Cisco AnyConnect Secure Mobility Client 4.6.00100 is prone to a certificate bypass vulnerability. A flaw is present in the application which fails to properly validate the simple certificate enrollment protocol and improper server certificate. Successful exploitation could allows attackers to remotely change the configuration profile, a certificate, or the localization data used by AnyConnect Secure Mobility Client.