CVE-2012-2496

medium

Cisco

CVSS v3 Base Score

6.8

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS Score

1.1%

Exploitation probability in 30 days

Top 22% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

Integrity

Availability

Published: June 20, 2012 (5075 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR7 on 64-bit Linux platforms does not properly restrict use of Java components, which allows remote attackers to execute arbitrary code via a crafted web site, aka Bug ID CSCty45925.

CWE

CWE-20

Affected Products

cisco anyconnect secure mobility client

References

🔗 tools.cisco.com 🔗 tools.cisco.com

CVE-2012-2496

Vulnerability Report

Description

CWE

Affected Products

References