Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2023-36672
HistoryAug 09, 2023 - 12:00 a.m.

CVE-2023-36672

2023-08-0900:00:00
mitre
www.cve.org
clario vpn
plaintext traffic
leakage

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.7%

JSON

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to “LocalNet attack resulting in leakage of traffic in plaintext” rather than to only Clario.

Related

cve 1
ubuntucve 1
prion 1
nvd 1
cisco 1
cve
cve
CVE-2023-36672
2023-08-09 23:15:10
ubuntucve
ubuntucve
CVE-2023-36672
2023-08-09 00:00:00
prion
prion
Code injection
2023-08-09 23:15:00
nvd
nvd
CVE-2023-36672
2023-08-09 23:15:10
cisco
cisco
Bypassing Tunnels: Leaking VPN Client Traffic by Abusing Routing Tables Affecting Cisco AnyConnect Secure Mobility Client and Cisco Secure Client
2023-08-08 15:00:00

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.7%

JSON
Related for CVELIST:CVE-2023-36672
cve1ubuntucve1prion1nvd1cisco1