CVE-2018-0334

Description

A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could allow an unauthenticated, remote attacker to bypass the TLS certificate check when downloading certain configuration files. The vulnerability is due to improper use of Simple Certificate Enrollment Protocol and improper server certificate validation. An attacker could exploit this vulnerability by preparing malicious profile and localization files for Cisco AnyConnect to use. A successful exploit could allow the attacker to remotely change the configuration profile, a certificate, or the localization data used by AnyConnect Secure Mobility Client. Cisco Bug IDs: CSCvh23141.

Risk Information

Base Score

4.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS Score

Exploitation Probability

0.076

Associated Vulnerability

Vulnerability	OS Platform
Vulnerability CVE-2018-0229,CVE-2018-0334,CVE-2018-0373,CVE-2019-1853 are affected in Cisco AnyConnect Secure Mobility Client For Windows 4.6	Windows
Vulnerabilities CVE-2018-0334 are affected in Any Connect (Microsoft Store) 4.6(100)	Windows
Cisco AnyConnect Secure Mobility Client Certificate Bypass Vulnerability For Cisco AnyConnect Secure Mobility Client	NCM
Improper Certificate Validation Vulnerability (CVE-2018-0334)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1705981	Security Update for Cisco AnyConnect Secure Mobility Client 4.3(2034)
PATCH-338372	Cisco AnyConnect Secure Mobility Client (4.10.08029) (Manual Upload Required)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234