CVE-2014-3314

CVE Database · CVE-2014-3314

CVE-2014-3314

· N/AModified

CVSS v3.1

N/A

EPSS

1.09%

Published

Jan 14, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cisco AnyConnect on Android and OS X does not properly verify the host type, which allows remote attackers to spoof authentication forms and possibly capture credentials via unspecified vectors, aka Bug IDs CSCuo24931 and CSCuo24940.

Weaknesses (CWE)

CWE-20

Affected Products (2)

cisco · anyconnect_secure_mobility_clientvulnerable

References (2)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3314

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3314

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs