Vulnerability Details CVE-2014-3314
Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.0%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-3314
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:-
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.7030
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.7073
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.5116
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.5118
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.5125
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.5131
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.8.00820
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.8.00826
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.8.01098
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.8.03537
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.8.03538
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.8.03645
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.8.03651
-
cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.9.03047