Unvalidated ScanSafe Header Handling Vulnerability in Cisco AnyConnect Secure Mobility Client
CVE-2012-3088 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.
Learn more about our Web Application Penetration Testing UK.