NVD

Id
44728  
Name
CVE-2012-3088  
Description
Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2012-09-16  
Modified Date
2013-01-24  
Seq
2012-3088  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
224330 44728 CVE-2012-3088 http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html  View
224331 44728 CVE-2012-3088 cisco-anyconnect-unspecified(78920)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
28695 JVNDB-2012-004402 Cisco AnyConnect Secure Mobility Client における脆弱性 Cisco AnyConnect Secure Mobility Client は、HTTP リクエストに ScanSafe ヘッダが含まれているかどうかを適切にチェックしないため、不特定の影響を受ける脆弱性が存在します。 CVE-2012-3088 56326 CVE-2012-3088 44728 9.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004402.html 2012-09-16 2012-09-18 View