Meraki

Community

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service

PhilipDAth
Kind of a big deal
Kind of a big deal
a month ago
a month ago

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn...

 

"A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device."

Labels:
2 Replies 2
Blue_Bird
Getting noticed
4 weeks ago
4 weeks ago

Thanks for sharing..! @PhilipDAth 

jimmyt234
A model citizen
4 weeks ago
4 weeks ago

Luckily I think 99% of our AnyConnect deployments are leveraging SAML and not using certificate auth so not vulnerable to this!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.