CVE-2010-3903

Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service (application crash) via a 404 HTTP status code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
infradeadopenconnect
𝑥
≤ 2.22
infradeadopenconnect
1.00
infradeadopenconnect
1.10
infradeadopenconnect
1.20
infradeadopenconnect
1.30
infradeadopenconnect
1.40
infradeadopenconnect
2.00
infradeadopenconnect
2.01
infradeadopenconnect
2.10
infradeadopenconnect
2.11
infradeadopenconnect
2.12
infradeadopenconnect
2.20
infradeadopenconnect
2.21
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openconnect
bullseye
8.10-2
fixed
bookworm
9.01-3
fixed
sid
9.12-3
fixed
trixie
9.12-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openconnect
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
not-affected
natty
not-affected
maverick
ignored
lucid
ignored
karmic
ignored
jaunty
dne
hardy
dne
dapper
dne
References
http://www.infradead.org/openconnect.html
http://www.infradead.org/openconnect.html