VPN Client version 5.0.0.7.0290 security flaw

mcantone29 · ‎01-14-2011

All,

I wanted to share a recent find. With Windows 7, probably other OS versions are also applicable, if a user launches a valid VPN connection it stays an open connect when opting to 'switch users.' We confirmed this while setting up a new PC and no pre-established profiles on the computer excluding the local initial PC profile. If VPN is open to a local PC profile the IP connection does not disconnect and bleeds into new connections.

M

Herbert Baerten · ‎01-24-2011

Hi,

Thank you for bringing this to our attention. For any (suspected) security vulnerability in a Cisco product, please report it to the Cisco Product Security Incident Response Team (PSIRT) at psirt@cisco.com :

http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#roosfassv

regards

Herbert

wgarvin · ‎02-11-2011

This vulnerability is being tracked by CSCtn20472. The PSIRT team is tracking it with case number

PSIRT-0847721465. The developers are reviewing it and determining the fix, I will update you directly when it is resolved.

Thanks very much for letting us know. If you encounter vulnerabilities in the future, please send them directly to psirt@cisco.com. Thanks


-Wendy

VPN Client version 5.0.0.7.0290 security flaw

Port-Security - Configuração Básica

AnyConnect VPN Client に関する FAQ

AnyConnect (Windows) 接続時のエラー (The VPN client driver encountered an error.)

Doc-Cisco ISE Posture p/ VPN de Acceso Remoto con Cisco Secure Client

ISE: Security settingsのTLS versionに関して