CVE-2012-3088 Information

Description

Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 and 3.2.x does not check whether an HTTP request originally contains ScanSafe headers which allows remote attackers to have an unspecified impact via a crafted request aka Bug ID CSCua13166.

Reference

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html https://exchange.xforce.ibmcloud.com/vulnerabilities/78920