A high-severity vulnerability in Cisco’s network security software could lay bare sensitive data – such as WebVPN configurations and web cookies – to remote, unauthenticated attackers.