PT-2019-2290 · Cisco · Cisco Anyconnect Secure Mobility Client

Robert Scott · Published 2019-05-15 · Updated 2019-10-09 · CVE-2019-1853

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Cisco AnyConnect Secure Mobility Client for Linux (affected versions not specified)

Description

A vulnerability in the HostScan component could allow an unauthenticated, remote attacker to read sensitive information on an affected system. The issue exists due to improper bounds checks, allowing an attacker to exploit it by crafting HTTP traffic for the affected component to download and process. A successful exploit could allow the attacker to read sensitive information on the affected system. The vulnerability is related to a buffer overflow in memory, which can be exploited using specially crafted HTTP traffic.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Weakness Enumeration

Related Identifiers

BDU:2019-02061
CVE-2019-1853

Affected Products

Cisco Anyconnect Secure Mobility Client