Cisco AnyConnect Secure Mobility Client 3.1 < 3.1(495) MiTM
Medium Nessus Plugin ID 61518
SynopsisThe remote host has software installed that is vulnerable to man-in-the-middle attacks.
DescriptionThe remote host has a version of Cisco AnyConnect 3.1 prior to 3.1(495). As such, it prompts the user to decide whether or not to proceed when an untrusted certificate is seen. Accepting an untrusted certificate could result in a man-in-the-middle attack.
SolutionUpgrade to Cisco AnyConnect Secure Mobility Client 3.1(495) or later.