OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2010-10-12T21:00:00
Updated: 2024-08-07T03:26:11.905Z
Reserved: 2010-10-12T00:00:00
Link: CVE-2010-3902

No data.

Status : Modified
Published: 2010-10-14T05:58:42.927
Modified: 2024-11-21T01:19:51.967
Link: CVE-2010-3902

No data.