CVE-2010-3901

OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary AnyConnect SSL VPN servers via a crafted server certificate that (1) does not correspond to the server hostname or (2) is presented in circumstances involving a missing --cafile configuration option.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
VendorProductVersion
infradeadopenconnect
𝑥
≤ 2.22
infradeadopenconnect
1.00
infradeadopenconnect
1.10
infradeadopenconnect
1.20
infradeadopenconnect
1.30
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openconnect
bullseye
8.10-2
fixed
bookworm
9.01-3
fixed
sid
9.12-3
fixed
trixie
9.12-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openconnect
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
not-affected
natty
not-affected
maverick
ignored
lucid
ignored
karmic
ignored
jaunty
dne
hardy
dne
dapper
dne
Common Weakness Enumeration
References
http://www.infradead.org/openconnect.html
http://www.openwall.com/lists/oss-security/2010/08/01/1
http://www.openwall.com/lists/oss-security/2010/08/02/7
http://www.infradead.org/openconnect.html
http://www.openwall.com/lists/oss-security/2010/08/01/1
http://www.openwall.com/lists/oss-security/2010/08/02/7