Unrated severityNVD Advisory· Published Aug 6, 2012· Updated Jun 16, 2026
CVE-2012-2498
CVE-2012-2498
Description
Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29197.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0629:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.07059:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.08057:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.08066:*:*:*:*:*:*:*
- (no CPE)range: >=3.0, <=3.0.08066
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.