CVE-2012-3088
critical
Cisco CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
0.5%
Exploitation probability in 30 days
Top 35% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: September 16, 2012 (4988 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.
CWE
NVD-CWE-noinfoAffected Products
cisco anyconnect secure mobility client