Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-3314

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-3314
Last Modified 15 Jan 2015 01:19:19
Published 14 Jan 2015 02:59:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-3314

Summary

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.

Vulnerable Systems

Application

  • Cisco Anyconnect Secure Mobility Client


References

CISCO - 20150113 Cisco AnyConnect User Interface Dialog Rendered When Connecting to Arbitrary Hosts Vulnerability


Last Updated: 27 May 2016 11:07:33