CVE-2017-12268

CVE-2017-12268

Vendor N/A

Product Cisco AnyConnect Network Access Manager

Weakness CWE-264

Published October 5, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the Network Access Manager (NAM) of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to enable multiple network adapters, aka a Dual-Homed Interface vulnerability. The vulnerability is due to insufficient NAM policy enforcement. An attacker could exploit this vulnerability by manipulating network interfaces of the device to allow multiple active network interfaces. A successful exploit could allow the attacker to send traffic over a non-authorized network interface. Cisco Bug IDs: CSCvf66539.

Key dates

02Disclosure timeline

October 5, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-12268

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE