Cisco · Cisco Anyconnect Secure Mobility Client · CVE-2019-16007
**Name of the Vulnerable Software and Affected Versions**
Cisco AnyConnect Secure Mobility Client versions (affected versions not specified)
**Description**
The issue is related to insufficient authentication of data in the Cisco AnyConnect Secure Mobility Client, which could allow an unauthenticated, local attacker to perform a service hijack attack or cause a denial of service (DoS) condition. This is due to the use of implicit service invocations. An attacker could exploit this by persuading a user to install a malicious application, potentially accessing confidential user information or causing a DoS condition on the AnyConnect application.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.