Mac OS X : Cisco AnyConnect Secure Mobility Client < 3.1(6042) Host Validation Vulnerability
Medium Nessus Plugin ID 80861
SynopsisThe remote host is affected by a host validation vulnerability.
DescriptionThe remote Mac OS X host has a version of Cisco AnyConnect Secure Mobility Client prior to 3.1(6042). It is, therefore, affected by a vulnerability due to insufficient validation of the type of host which the client is connecting to. An attacker, by tricking users to connect to a malicious host, can exploit this to force the client to render a crafted authentication form to collect valid credentials.
SolutionUpgrade to Cisco AnyConnect Secure Mobility Client 3.1(6042) or later.