Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

2024-03-08 08:09

Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF

News URL

https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html

#cisco #hijacking #patch #VPN #CVE-2024-20337

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-03-06	CVE-2024-20337	A vulnerability in the SAML authentication process of Cisco Secure Client could allow an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF) injection attack against a user.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cisco		2047	21	1773	1670	288	3752

News URL

Related news

Related Vulnerability

Related vendor