Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco anyconnect secure mobility client 2.3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obt...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
Nodejs Node.js
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
1 Github repository
6.8
CVSSv3
CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Debian Debian Linux 8.0
Freebsd Freebsd
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 42.2
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Freebsd Freebsd 10
Freebsd Freebsd 10.4
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 0.7.3
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Hostapd 1.0
1 Article
5.3
CVSSv3
CVE-2017-13079
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 8.0
Freebsd Freebsd
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 42.2
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Freebsd Freebsd 10
Freebsd Freebsd 10.4
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 0.7.3
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Hostapd 1.0
2 Articles
5.3
CVSSv3
CVE-2017-13081
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 8.0
Freebsd Freebsd
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Debian Debian Linux 9.0
Opensuse Leap 42.3
Opensuse Leap 42.2
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Freebsd Freebsd 10
Freebsd Freebsd 10.4
W1.fi Hostapd 1.1
W1.fi Hostapd 2.4
W1.fi Hostapd 2.0
W1.fi Hostapd 0.7.3
W1.fi Wpa Supplicant 2.3
W1.fi Wpa Supplicant 2.1
W1.fi Wpa Supplicant 2.2
W1.fi Hostapd 1.0
2 Articles
NA
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl Openssl
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
1 Article
NA
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected ...
Openssl Openssl 1.0.1j
NA
CVE-2013-5559
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote malicious users to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
Cisco Anyconnect Secure Mobility Client 2.5.3046
Cisco Anyconnect Secure Mobility Client 2.5.3041
Cisco Anyconnect Secure Mobility Client 2.4.4004
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.5.2001
Cisco Anyconnect Secure Mobility Client 2.4.4014
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.5.5125
Cisco Anyconnect Secure Mobility Client 2.5.6005
Cisco Anyconnect Secure Mobility Client 2.5.0217
Cisco Anyconnect Secure Mobility Client 2.5.3051
Cisco Anyconnect Secure Mobility Client 2.5.5130
Cisco Anyconnect Secure Mobility Client 2.3.2016
Cisco Anyconnect Secure Mobility Client 2.1
Cisco Anyconnect Secure Mobility Client 2.2
Cisco Anyconnect Secure Mobility Client 2.5.5116
Cisco Anyconnect Secure Mobility Client 2.2.133
Cisco Anyconnect Secure Mobility Client 2.5.2011
Cisco Anyconnect Secure Mobility Client 2.4.1012
Cisco Anyconnect Secure Mobility Client 2.5.2010
NA
CVE-2013-1172
The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.
Cisco Anyconnect Secure Mobility Client 2.5.3046
Cisco Anyconnect Secure Mobility Client 2.5.3041
Cisco Anyconnect Secure Mobility Client 2.4.4004
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client 3.0.5080
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.5.2001
Cisco Anyconnect Secure Mobility Client 3.0.5075
Cisco Anyconnect Secure Mobility Client 2.4.4014
Cisco Anyconnect Secure Mobility Client 3.1.0
Cisco Anyconnect Secure Mobility Client 3.0.3050
Cisco Anyconnect Secure Mobility Client 3.0.08057
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.5.5125
Cisco Anyconnect Secure Mobility Client 2.5.6005
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.07059
Cisco Anyconnect Secure Mobility Client 3.1.00495
Cisco Anyconnect Secure Mobility Client -
Cisco Anyconnect Secure Mobility Client 2.5.0217
NA
CVE-2013-1173
Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143.
Cisco Anyconnect Secure Mobility Client 2.5.3046
Cisco Anyconnect Secure Mobility Client 2.5.3041
Cisco Anyconnect Secure Mobility Client 2.4.4004
Cisco Anyconnect Secure Mobility Client 2.5.2017
Cisco Anyconnect Secure Mobility Client 3.0
Cisco Anyconnect Secure Mobility Client 3.0.5080
Cisco Anyconnect Secure Mobility Client 2.4
Cisco Anyconnect Secure Mobility Client 2.5.2001
Cisco Anyconnect Secure Mobility Client 3.0.5075
Cisco Anyconnect Secure Mobility Client 2.4.4014
Cisco Anyconnect Secure Mobility Client 3.1.0
Cisco Anyconnect Secure Mobility Client 3.0.3050
Cisco Anyconnect Secure Mobility Client 3.0.08057
Cisco Anyconnect Secure Mobility Client 2.2.128
Cisco Anyconnect Secure Mobility Client 2.3
Cisco Anyconnect Secure Mobility Client 2.5.5125
Cisco Anyconnect Secure Mobility Client 2.5.6005
Cisco Anyconnect Secure Mobility Client 3.0.0629
Cisco Anyconnect Secure Mobility Client 3.0.07059
Cisco Anyconnect Secure Mobility Client 3.1.00495
Cisco Anyconnect Secure Mobility Client -
Cisco Anyconnect Secure Mobility Client 2.5.0217
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »