Vulnerability Details : CVE-2012-2499
The IPsec implementation in Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz26985.
Exploit prediction scoring system (EPSS) score for CVE-2012-2499
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 27 %
Percentile, the proportion of vulnerabilities that are scored at or less