Unrated severityNVD Advisory· Published Jan 14, 2015· Updated May 6, 2026

CVE-2014-3314

Description

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.

Affected products

Cisco Systems, Inc./Anyconnect Secure Mobility Client2 versions
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:android:*:*+ 1 more
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:android:*:*
- cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:macos:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3314nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000