CVE-2014-3314

Cisco AnyConnect Secure Mobility Client - Authentication Spoofing via Host Type Verification Bypass

Title source: llm
STIX 2.1

Description

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.

References (1)

Core 1
Core References

Scores

EPSS 0.0109
EPSS Percentile 61.3%

Details

CWE
CWE-20
Status published
Products (1)
cisco/anyconnect_secure_mobility_client (2 CPE variants)
Published Jan 14, 2015
Tracked Since Feb 18, 2026