All the vulnerabilites related to cisco - vpn_3001_concentrator
Vulnerability from fkie_nvd
Published
2006-07-27 22:04
Modified
2024-11-21 00:14
Severity ?
Summary
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html
cve@mitre.orghttp://securityreason.com/securityalert/1293
cve@mitre.orghttp://securitytracker.com/id?1016582
cve@mitre.orghttp://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html
cve@mitre.orghttp://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html
cve@mitre.orghttp://www.osvdb.org/29068
cve@mitre.orghttp://www.securityfocus.com/archive/1/441203/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/19176
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/27972
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1293
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016582
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html
af854a3a-2127-422b-91ae-364da2661108http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/29068
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/441203/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/19176
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/27972
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299
Impacted products
Vendor Product Version
cisco ios *
cisco vpn_3001_concentrator *
cisco vpn_3015_concentrator *
cisco vpn_3020_concentrator *
cisco vpn_3030_concentator *
cisco vpn_3060_concentrator *
cisco vpn_3080_concentrator *
cisco adaptive_security_appliance_software 7.0
cisco adaptive_security_appliance_software 7.0\(4\)
cisco adaptive_security_appliance_software 7.0\(5\)
cisco adaptive_security_appliance_software 7.0.1.4
cisco adaptive_security_appliance_software 7.0.4.3
cisco adaptive_security_appliance_software 7.1\(2\)
cisco vpn_3000_concentrator_series_software 2.0
cisco vpn_3000_concentrator_series_software 2.5.2.a
cisco vpn_3000_concentrator_series_software 2.5.2.b
cisco vpn_3000_concentrator_series_software 2.5.2.c
cisco vpn_3000_concentrator_series_software 2.5.2.d
cisco vpn_3000_concentrator_series_software 2.5.2.f
cisco vpn_3000_concentrator_series_software 3.0
cisco vpn_3000_concentrator_series_software 3.0.3.a
cisco vpn_3000_concentrator_series_software 3.0.3.b
cisco vpn_3000_concentrator_series_software 3.0.4
cisco vpn_3000_concentrator_series_software 3.1
cisco vpn_3000_concentrator_series_software 3.1\(rel\)
cisco vpn_3000_concentrator_series_software 3.1.1
cisco vpn_3000_concentrator_series_software 3.1.2
cisco vpn_3000_concentrator_series_software 3.1.4
cisco vpn_3000_concentrator_series_software 3.5\(rel\)
cisco vpn_3000_concentrator_series_software 3.5.1
cisco vpn_3000_concentrator_series_software 3.5.2
cisco vpn_3000_concentrator_series_software 3.5.3
cisco vpn_3000_concentrator_series_software 3.5.4
cisco vpn_3000_concentrator_series_software 3.5.5
cisco vpn_3000_concentrator_series_software 3.6
cisco vpn_3000_concentrator_series_software 3.6.1
cisco vpn_3000_concentrator_series_software 3.6.3
cisco vpn_3000_concentrator_series_software 3.6.5
cisco vpn_3000_concentrator_series_software 3.6.7
cisco vpn_3000_concentrator_series_software 3.6.7.a
cisco vpn_3000_concentrator_series_software 3.6.7.b
cisco vpn_3000_concentrator_series_software 3.6.7.c
cisco vpn_3000_concentrator_series_software 3.6.7.d
cisco vpn_3000_concentrator_series_software 3.6.7.f
cisco vpn_3000_concentrator_series_software 3.6.7d
cisco vpn_3000_concentrator_series_software 4.0
cisco vpn_3000_concentrator_series_software 4.0.1
cisco vpn_3000_concentrator_series_software 4.0.2
cisco vpn_3000_concentrator_series_software 4.0.5.b
cisco vpn_3000_concentrator_series_software 4.1
cisco vpn_3000_concentrator_series_software 4.1.5.b
cisco vpn_3000_concentrator_series_software 4.1.7.a
cisco vpn_3000_concentrator_series_software 4.1.7.b
cisco vpn_3000_concentrator_series_software 4.1.7.l
cisco vpn_3000_concentrator_series_software 4.7
cisco vpn_3000_concentrator_series_software 4.7\(rel\)
cisco vpn_3000_concentrator_series_software 4.7.1
cisco vpn_3000_concentrator_series_software 4.7.1.f
cisco vpn_3000_concentrator_series_software 4.7.2
cisco vpn_3000_concentrator_series_software 4.7.2.a
cisco vpn_3000_concentrator_series_software 4.7.2.f
cisco vpn_3005_concentrator_software 4.0.1
cisco vpn_3030_concentator 4.7\(rel\)
cisco vpn_3030_concentator 4.7.1
cisco vpn_3030_concentator 4.7.1.f
cisco vpn_3030_concentator 4.7.2
cisco vpn_3030_concentator 4.7.2.a
cisco vpn_3030_concentator 4.7.2.f
cisco pix_asa_ids *
cisco pix_firewall 6.2.2_.111
cisco pix_firewall 6.2.3_\(110\)
cisco pix_firewall 6.3.3_\(133\)
cisco pix_firewall 6.3.5_\(112\)
cisco pix_firewall_501 *
cisco pix_firewall_506 *
cisco pix_firewall_515 *
cisco pix_firewall_515e *
cisco pix_firewall_520 *
cisco pix_firewall_525 *
cisco pix_firewall_535 *
cisco secure_pix_firewall *
cisco pix_firewall_software 2.7
cisco pix_firewall_software 3.0
cisco pix_firewall_software 3.1
cisco pix_firewall_software 4.0
cisco pix_firewall_software 4.1\(6\)
cisco pix_firewall_software 4.1\(6b\)
cisco pix_firewall_software 4.2
cisco pix_firewall_software 4.2\(1\)
cisco pix_firewall_software 4.2\(2\)
cisco pix_firewall_software 4.2\(5\)
cisco pix_firewall_software 4.3
cisco pix_firewall_software 4.4
cisco pix_firewall_software 4.4\(4\)
cisco pix_firewall_software 4.4\(7.202\)
cisco pix_firewall_software 4.4\(8\)
cisco pix_firewall_software 5.0
cisco pix_firewall_software 5.1
cisco pix_firewall_software 5.1\(4\)
cisco pix_firewall_software 5.1\(4.206\)
cisco pix_firewall_software 5.2
cisco pix_firewall_software 5.2\(1\)
cisco pix_firewall_software 5.2\(2\)
cisco pix_firewall_software 5.2\(3.210\)
cisco pix_firewall_software 5.2\(5\)
cisco pix_firewall_software 5.2\(6\)
cisco pix_firewall_software 5.2\(7\)
cisco pix_firewall_software 5.2\(9\)
cisco pix_firewall_software 5.3
cisco pix_firewall_software 5.3\(1\)
cisco pix_firewall_software 5.3\(1.200\)
cisco pix_firewall_software 5.3\(2\)
cisco pix_firewall_software 5.3\(3\)
cisco pix_firewall_software 6.0
cisco pix_firewall_software 6.0\(1\)
cisco pix_firewall_software 6.0\(2\)
cisco pix_firewall_software 6.0\(3\)
cisco pix_firewall_software 6.0\(4\)
cisco pix_firewall_software 6.0\(4.101\)
cisco pix_firewall_software 6.1
cisco pix_firewall_software 6.1\(1\)
cisco pix_firewall_software 6.1\(2\)
cisco pix_firewall_software 6.1\(3\)
cisco pix_firewall_software 6.1\(4\)
cisco pix_firewall_software 6.1\(5\)
cisco pix_firewall_software 6.1.5\(104\)
cisco pix_firewall_software 6.2
cisco pix_firewall_software 6.2\(1\)
cisco pix_firewall_software 6.2\(2\)
cisco pix_firewall_software 6.2\(3\)
cisco pix_firewall_software 6.2\(3.100\)
cisco pix_firewall_software 6.3
cisco pix_firewall_software 6.3\(1\)
cisco pix_firewall_software 6.3\(2\)
cisco pix_firewall_software 6.3\(3\)
cisco pix_firewall_software 6.3\(3.102\)
cisco pix_firewall_software 6.3\(3.109\)
cisco pix_firewall_software 6.3\(5\)


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5802E2D8-7069-474C-826F-AEE7B50BFE34",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3001_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "786346D5-13D8-45C9-B91D-C2AACF675377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3020_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D50FE2-A4E6-4EF4-A91C-88FB0AF6CCB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D0714F9E-75AD-4405-BBC3-E0D817C05EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D1557499-D1A1-4A26-80DA-A3D66AA53580",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
              "matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2AFAF42-B894-4D62-A9CF-3349A43191AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABE5BB7F-D8B4-441B-9F45-56F622EEAA52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B87A7EC-DC23-4075-8C4A-2317FF34BDB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AC18E3-D12B-489D-9D95-6C9210235FB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9DB969E-8BE9-46E0-B8AA-5057E320F1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*",
              "matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E298AD-26AC-4E1D-83D8-5C2016CC6559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "590283B1-4965-44D3-A0D4-CD90DD6B2D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DAF71-5763-44D8-AD1E-5ADE8BC15120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35B6FA9-E504-4CE3-B171-815291A812CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA54782-93A8-47BE-863D-89CA3678BF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "67F66A10-246D-447B-941F-F1175684F0D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "82435757-D892-4298-9176-5EC1FEC93037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.l:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5BAFC4A-D8FB-4450-BC29-83B306000C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D03F5D3F-6FB1-4A25-B544-D3C973F35DD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "432A18AD-A495-4750-85A5-7D82FC321D7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A90348C-94E2-4F04-A887-E7EFFC1ACF12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F5E136E-9215-46A8-A40A-AE964C588A38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9729CAA-8041-43D6-9299-07CCCBFD3907",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.2.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A33500-B013-4863-BF12-27283ACD4AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.2.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "A13F7BC2-7491-4266-9B32-3E6D8978A6C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3005_concentrator_software:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17196F00-9D7A-4AF6-AE1E-EA2E450A8ABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A459B6C2-EE91-43AE-A837-BCF4188BEB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "32200DE2-71BA-417C-AF24-3BE549A68711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "25F3F37E-4BBD-4A0E-A1DF-64602D75207D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0722179-9602-42A1-81CA-062D4010B9CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.2.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA0E5615-4855-4A35-BE58-B9B27C7B2CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.2.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D48968-68F5-49BD-88CF-6C8D73D7F967",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:pix_asa_ids:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "701810DC-0A46-4D01-90BD-03AAF277E4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.3_\\(110\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "900DC321-4CEF-4810-8247-B82FE93F48BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:pix_firewall:6.3.3_\\(133\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "422F8E64-2376-4E82-A1A2-916BFB7172AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:pix_firewall:6.3.5_\\(112\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "54389797-86AA-4744-AA84-9B66FB6E01E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "151D5A44-2D0D-478A-B011-A0892817B814",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "286199EA-71CF-46B4-9131-F1752C2EA82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:secure_pix_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "507B3A76-3F01-4BF0-8A3B-9E620DCB082D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026A2C0D-AD93-49DC-AF72-8C12AD565B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "920FAF7C-2964-497B-B1F8-3B060AAB4C55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D499F38-A34C-44D0-A061-C3AE08CF178B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "63E564B5-A39F-4837-93B8-1331CD975D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1EEDB9DD-C862-4783-9F96-88836424B298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD36C4A-4B90-4012-B4A5-6081C413E302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C39A993C-5A36-4D3F-B8B6-9B3252713127",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B1C4F7D5-DCD0-409C-86BF-A96A5253DF64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8198D129-76D0-4983-BFC4-8EC724FE1B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6BEECFAA-9DD5-4950-B9F1-CF8582225314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49566EAC-05AF-4880-8000-351AF538E4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E9FBEE-3213-47FA-8CBA-C285533265FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "118CBF59-DAD8-468E-B279-F6359E4624F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(7.202\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "957E6F8F-6881-44DE-A687-9D1E0C13F6CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E56328FE-F499-4325-AFEC-45BFEAB7662D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA2E425-904C-4070-8F5F-B81BCF3147F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "604CF950-5D4B-4DC6-819E-0528B22CB05C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E12887E5-A2BB-4B1E-9621-2961458BCE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4.206\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3B5BE2F7-687C-477B-818B-A102526DF36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "999A0969-60EB-4B2E-A274-9F05D9F840E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "626E41D2-A5EF-493D-9486-3D9BC3793EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA31E4D-2215-4E4A-BCCC-B3D922CB752D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(3.210\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4F16AD2C-1CC1-43D9-A944-F67071B62E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A42FFBF7-9ADB-4F14-BED8-F2E53BEE7B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "25D16481-CA9A-4B4D-AC9D-3A4F0387FF19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "56E4588E-6C1F-4720-8082-0EF299435CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D24E0E92-59D7-4B16-8B0D-2FD0EE821D93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED24C763-7558-4AC0-AE10-FDA3D3078D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC85ED3-B598-4A87-A2B8-8D3B52ECC2F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1.200\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C84CE24E-4ED6-43D0-A234-FBD24D22A8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FF84B9FE-7C6C-4578-A5A9-EF0D5EEEEC19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "72C3E2B4-3A36-44B5-90D3-1BF9FAD98579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1.5\\(104\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F76AED68-8304-4BC6-9D98-64231B08A6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B0D74D2C-662B-4D24-89EE-3DB73F96BBF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5E6D5FD3-CF95-4A3B-9ADB-CEC77F73CA78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected."
    },
    {
      "lang": "es",
      "value": "Protocolo Internet Key Exchange (IKE) version 1, implementado para Cisco IOS, VPN 3000 Concentrators, y PIX firewalls, permite a atacantes remotos provocar denegaci\u00f3n de servicio (agotamiento de recursos) a trav\u00e9s de un flood de paquetes IKE Phase-1 que exceden el ratio de expiraci\u00f3n de la sesi\u00f3n. NOTA: se ha indicado que esto es debido a un dise\u00f1o debil del protocolo IKe version 1, en cuyo caso otros vendedores e implementaciones podr\u00edan verse afectados."
    }
  ],
  "id": "CVE-2006-3906",
  "lastModified": "2024-11-21T00:14:40.813",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-27T22:04:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/1293"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016582"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/29068"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/441203/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/19176"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27972"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/1293"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/29068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/441203/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/19176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27972"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2005-12-22 11:03
Modified
2024-11-21 00:04
Severity ?
Summary
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.
References
cve@mitre.orghttp://secunia.com/advisories/18141
cve@mitre.orghttp://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml
cve@mitre.orghttp://www.osvdb.org/22193
cve@mitre.orghttp://www.securityfocus.com/archive/1/420020/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/420103/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/16025
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/18141
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/22193
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/420020/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/420103/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/16025
Impacted products
Vendor Product Version
cisco vpn_3001_concentrator *
cisco vpn_3015_concentrator *
cisco vpn_3020_concentrator *
cisco vpn_3030_concentator *
cisco vpn_3060_concentrator *
cisco vpn_3080_concentrator *
cisco adaptive_security_appliance_software 7.0
cisco adaptive_security_appliance_software 7.0\(4\)
cisco adaptive_security_appliance_software 7.0.1.4
cisco adaptive_security_appliance_software 7.0.4.3
cisco vpn_3000_concentrator_series_software 2.0
cisco vpn_3000_concentrator_series_software 2.5.2.a
cisco vpn_3000_concentrator_series_software 2.5.2.b
cisco vpn_3000_concentrator_series_software 2.5.2.c
cisco vpn_3000_concentrator_series_software 2.5.2.d
cisco vpn_3000_concentrator_series_software 2.5.2.f
cisco vpn_3000_concentrator_series_software 3.0
cisco vpn_3000_concentrator_series_software 3.0.3.a
cisco vpn_3000_concentrator_series_software 3.0.3.b
cisco vpn_3000_concentrator_series_software 3.0.4
cisco vpn_3000_concentrator_series_software 3.1
cisco vpn_3000_concentrator_series_software 3.1\(rel\)
cisco vpn_3000_concentrator_series_software 3.1.1
cisco vpn_3000_concentrator_series_software 3.1.2
cisco vpn_3000_concentrator_series_software 3.1.4
cisco vpn_3000_concentrator_series_software 3.5\(rel\)
cisco vpn_3000_concentrator_series_software 3.5.1
cisco vpn_3000_concentrator_series_software 3.5.2
cisco vpn_3000_concentrator_series_software 3.5.3
cisco vpn_3000_concentrator_series_software 3.5.4
cisco vpn_3000_concentrator_series_software 3.5.5
cisco vpn_3000_concentrator_series_software 3.6
cisco vpn_3000_concentrator_series_software 3.6.1
cisco vpn_3000_concentrator_series_software 3.6.3
cisco vpn_3000_concentrator_series_software 3.6.5
cisco vpn_3000_concentrator_series_software 3.6.7
cisco vpn_3000_concentrator_series_software 3.6.7.a
cisco vpn_3000_concentrator_series_software 3.6.7.b
cisco vpn_3000_concentrator_series_software 3.6.7.c
cisco vpn_3000_concentrator_series_software 3.6.7.d
cisco vpn_3000_concentrator_series_software 3.6.7.f
cisco vpn_3000_concentrator_series_software 3.6.7d
cisco vpn_3000_concentrator_series_software 4.0
cisco vpn_3000_concentrator_series_software 4.0.1
cisco vpn_3000_concentrator_series_software 4.0.2
cisco vpn_3000_concentrator_series_software 4.0.5.b
cisco vpn_3000_concentrator_series_software 4.1.5.b
cisco vpn_3000_concentrator_series_software 4.1.7.a
cisco vpn_3000_concentrator_series_software 4.1.7.b
cisco vpn_3000_concentrator_series_software 4.7.1
cisco vpn_3000_concentrator_series_software 4.7.1.f
cisco vpn_3005_concentrator_software 4.0.1
cisco vpn_3030_concentator 4.7.1
cisco vpn_3030_concentator 4.7.1.f
cisco pix_asa_ids *
cisco pix_firewall 6.2.2_.111
cisco pix_firewall 6.2.3_\(110\)
cisco pix_firewall 6.3.3_\(133\)
cisco secure_access_control_server *
cisco secure_access_control_server 2.0
cisco secure_access_control_server 2.1
cisco secure_access_control_server 2.3
cisco secure_access_control_server 2.3
cisco secure_access_control_server 2.3.5.1
cisco secure_access_control_server 2.3.6.1
cisco secure_access_control_server 2.4
cisco secure_access_control_server 2.5
cisco secure_access_control_server 2.6
cisco secure_access_control_server 2.6.2
cisco secure_access_control_server 2.6.3
cisco secure_access_control_server 2.6.4
cisco secure_access_control_server 2.42
cisco secure_access_control_server 3.0
cisco secure_access_control_server 3.0
cisco secure_access_control_server 3.0.1
cisco secure_access_control_server 3.0.3
cisco secure_access_control_server 3.1
cisco secure_access_control_server 3.1.1
cisco secure_access_control_server 3.2
cisco secure_access_control_server 3.2
cisco secure_access_control_server 3.2\(1\)
cisco secure_access_control_server 3.2\(1.20\)
cisco secure_access_control_server 3.2\(2\)
cisco secure_access_control_server 3.2\(3\)
cisco secure_access_control_server 3.2.1
cisco secure_access_control_server 3.2.2
cisco secure_access_control_server 3.3
cisco secure_access_control_server 3.3\(1\)
cisco secure_access_control_server 3.3.1
cisco secure_access_control_server 3.3.2
cisco vpn_3002_hardware_client *
cisco pix_firewall_501 *
cisco pix_firewall_506 *
cisco pix_firewall_515 *
cisco pix_firewall_515e *
cisco pix_firewall_520 *
cisco pix_firewall_525 *
cisco pix_firewall_535 *
cisco pix_firewall *
cisco pix_firewall_software 2.7
cisco pix_firewall_software 3.0
cisco pix_firewall_software 3.1
cisco pix_firewall_software 4.0
cisco pix_firewall_software 4.1\(6\)
cisco pix_firewall_software 4.1\(6b\)
cisco pix_firewall_software 4.2
cisco pix_firewall_software 4.2\(1\)
cisco pix_firewall_software 4.2\(2\)
cisco pix_firewall_software 4.2\(5\)
cisco pix_firewall_software 4.3
cisco pix_firewall_software 4.4
cisco pix_firewall_software 4.4\(4\)
cisco pix_firewall_software 4.4\(7.202\)
cisco pix_firewall_software 4.4\(8\)
cisco pix_firewall_software 5.0
cisco pix_firewall_software 5.1
cisco pix_firewall_software 5.1\(4\)
cisco pix_firewall_software 5.1\(4.206\)
cisco pix_firewall_software 5.2
cisco pix_firewall_software 5.2\(1\)
cisco pix_firewall_software 5.2\(2\)
cisco pix_firewall_software 5.2\(3.210\)
cisco pix_firewall_software 5.2\(5\)
cisco pix_firewall_software 5.2\(6\)
cisco pix_firewall_software 5.2\(7\)
cisco pix_firewall_software 5.2\(9\)
cisco pix_firewall_software 5.3
cisco pix_firewall_software 5.3\(1\)
cisco pix_firewall_software 5.3\(1.200\)
cisco pix_firewall_software 5.3\(2\)
cisco pix_firewall_software 5.3\(3\)
cisco pix_firewall_software 6.0
cisco pix_firewall_software 6.0\(1\)
cisco pix_firewall_software 6.0\(2\)
cisco pix_firewall_software 6.0\(3\)
cisco pix_firewall_software 6.0\(4\)
cisco pix_firewall_software 6.0\(4.101\)
cisco pix_firewall_software 6.1
cisco pix_firewall_software 6.1\(1\)
cisco pix_firewall_software 6.1\(2\)
cisco pix_firewall_software 6.1\(3\)
cisco pix_firewall_software 6.1\(4\)
cisco pix_firewall_software 6.1\(5\)
cisco pix_firewall_software 6.1.5\(104\)
cisco pix_firewall_software 6.2
cisco pix_firewall_software 6.2\(1\)
cisco pix_firewall_software 6.2\(2\)
cisco pix_firewall_software 6.2\(3\)
cisco pix_firewall_software 6.2\(3.100\)
cisco pix_firewall_software 6.3
cisco pix_firewall_software 6.3\(1\)
cisco pix_firewall_software 6.3\(2\)
cisco pix_firewall_software 6.3\(3\)
cisco pix_firewall_software 6.3\(3.102\)
cisco pix_firewall_software 6.3\(3.109\)
cisco pix_firewall_software 6.3\(5\)


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3001_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "786346D5-13D8-45C9-B91D-C2AACF675377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3020_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5D50FE2-A4E6-4EF4-A91C-88FB0AF6CCB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
              "matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2AFAF42-B894-4D62-A9CF-3349A43191AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABE5BB7F-D8B4-441B-9F45-56F622EEAA52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B87A7EC-DC23-4075-8C4A-2317FF34BDB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AC18E3-D12B-489D-9D95-6C9210235FB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9DB969E-8BE9-46E0-B8AA-5057E320F1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*",
              "matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E298AD-26AC-4E1D-83D8-5C2016CC6559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "590283B1-4965-44D3-A0D4-CD90DD6B2D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B71DAF71-5763-44D8-AD1E-5ADE8BC15120",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA54782-93A8-47BE-863D-89CA3678BF6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*",
              "matchCriteriaId": "67F66A10-246D-447B-941F-F1175684F0D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:*:*:*:*:*:*:*",
              "matchCriteriaId": "82435757-D892-4298-9176-5EC1FEC93037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A90348C-94E2-4F04-A887-E7EFFC1ACF12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F5E136E-9215-46A8-A40A-AE964C588A38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3005_concentrator_software:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "17196F00-9D7A-4AF6-AE1E-EA2E450A8ABD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "32200DE2-71BA-417C-AF24-3BE549A68711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1.f:*:*:*:*:*:*:*",
              "matchCriteriaId": "25F3F37E-4BBD-4A0E-A1DF-64602D75207D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:pix_asa_ids:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "701810DC-0A46-4D01-90BD-03AAF277E4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.3_\\(110\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "900DC321-4CEF-4810-8247-B82FE93F48BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:pix_firewall:6.3.3_\\(133\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "422F8E64-2376-4E82-A1A2-916BFB7172AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5C8F8B-4F20-4635-81FF-92F144F43793",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.0:*:unix:*:*:*:*:*",
              "matchCriteriaId": "22B6CD99-5B21-4961-AD47-B1722E586664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.1:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "3BF391B2-17C6-4633-8CE9-35B637BFDC79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:unix:*:*:*:*:*",
              "matchCriteriaId": "7889030E-97F7-4CCD-8050-5250B1F58C26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "26B0CB70-CC82-4FF1-882C-0712354DA113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3.5.1:*:unix:*:*:*:*:*",
              "matchCriteriaId": "543A3774-28EB-406D-830E-957B5E9E7A66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3.6.1:*:unix:*:*:*:*:*",
              "matchCriteriaId": "B0B5C19A-58BB-4A7A-886D-3567B37F466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.4:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "4126D9DE-A75E-4A9E-9DA7-1477D5688872",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.5:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "0354C50C-4104-4960-B1EE-F212CD3D6AE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "DE9B81AC-1D16-4FDF-B438-3D3ED2BE9538",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.2:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "8F515D7A-D663-49F0-8F12-1484000505FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.3:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "A668278F-8080-4295-95EB-88341478D16B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.4:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "A66BED35-F385-4A0C-9416-6F007536133E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.42:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "5EA57609-522C-4431-92AE-4FF11AA67320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D05855-C8C1-4243-8438-5A36A01A8F48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "A60B49A7-B569-4485-A6B3-E14B9FB96950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0.1:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "FA889730-B2FF-4219-BBCA-A4364BA61EAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0.3:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "8731D5CC-A6F9-48DB-B1D1-FD50CEAC63D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB11A75E-2E4B-4B83-B763-CBBC1D9DFB36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.1.1:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "DFFE6A50-B704-42BB-8FFF-27E9F4D3B576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "109147BF-3225-48E4-8BE1-2E5B59921032",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_server:*:*:*:*:*",
              "matchCriteriaId": "7CDA01B6-6887-40BB-B541-65F198D03219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "86806D6E-1BDF-4253-AEB7-D9D88D224812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1.20\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B0BD6882-379C-4EA7-8E51-124273C5A56F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "680E5A81-6409-4CE7-8496-D7845FD7E851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3868E060-0278-491A-9943-1A2E435C7606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F39D3441-C84A-403A-ACB4-8019579EE4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "61ED039B-C3E6-4BC8-A97A-351EC9CEAF16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2793200-D95D-4BD3-8DF2-4A847230FBE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0E587654-B5A0-47A4-BED6-D8DB69AEF566",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F07B954-817F-47AC-BCAC-3DA697A6E2F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CC1B599-05C0-4FB5-A47B-5D858DAB43A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "151D5A44-2D0D-478A-B011-A0892817B814",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "286199EA-71CF-46B4-9131-F1752C2EA82D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2C5A417-C48D-4799-A766-7B231ADF27C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "026A2C0D-AD93-49DC-AF72-8C12AD565B2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "920FAF7C-2964-497B-B1F8-3B060AAB4C55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D499F38-A34C-44D0-A061-C3AE08CF178B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "63E564B5-A39F-4837-93B8-1331CD975D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1EEDB9DD-C862-4783-9F96-88836424B298",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD36C4A-4B90-4012-B4A5-6081C413E302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C39A993C-5A36-4D3F-B8B6-9B3252713127",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B1C4F7D5-DCD0-409C-86BF-A96A5253DF64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8198D129-76D0-4983-BFC4-8EC724FE1B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6BEECFAA-9DD5-4950-B9F1-CF8582225314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49566EAC-05AF-4880-8000-351AF538E4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "23E9FBEE-3213-47FA-8CBA-C285533265FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "118CBF59-DAD8-468E-B279-F6359E4624F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(7.202\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "957E6F8F-6881-44DE-A687-9D1E0C13F6CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E56328FE-F499-4325-AFEC-45BFEAB7662D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA2E425-904C-4070-8F5F-B81BCF3147F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "604CF950-5D4B-4DC6-819E-0528B22CB05C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E12887E5-A2BB-4B1E-9621-2961458BCE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4.206\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3B5BE2F7-687C-477B-818B-A102526DF36D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "999A0969-60EB-4B2E-A274-9F05D9F840E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "626E41D2-A5EF-493D-9486-3D9BC3793EAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA31E4D-2215-4E4A-BCCC-B3D922CB752D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(3.210\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4F16AD2C-1CC1-43D9-A944-F67071B62E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A42FFBF7-9ADB-4F14-BED8-F2E53BEE7B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "25D16481-CA9A-4B4D-AC9D-3A4F0387FF19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "56E4588E-6C1F-4720-8082-0EF299435CB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D24E0E92-59D7-4B16-8B0D-2FD0EE821D93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED24C763-7558-4AC0-AE10-FDA3D3078D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC85ED3-B598-4A87-A2B8-8D3B52ECC2F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1.200\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C84CE24E-4ED6-43D0-A234-FBD24D22A8A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FF84B9FE-7C6C-4578-A5A9-EF0D5EEEEC19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "72C3E2B4-3A36-44B5-90D3-1BF9FAD98579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1.5\\(104\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F76AED68-8304-4BC6-9D98-64231B08A6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B0D74D2C-662B-4D24-89EE-3DB73F96BBF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5E6D5FD3-CF95-4A3B-9ADB-CEC77F73CA78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."
    }
  ],
  "id": "CVE-2005-4499",
  "lastModified": "2024-11-21T00:04:24.143",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-22T11:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/18141"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/22193"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/16025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/22193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16025"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2006-3906
Vulnerability from cvelistv5
Published
2006-07-27 22:00
Modified
2024-08-07 18:48
Severity ?
Summary
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.
References
http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.htmlx_refsource_MISC
http://www.securityfocus.com/bid/19176vdb-entry, x_refsource_BID
http://www.securityfocus.com/archive/1/441203/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.osvdb.org/29068vdb-entry, x_refsource_OSVDB
http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.htmlmailing-list, x_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299vdb-entry, signature, x_refsource_OVAL
http://securitytracker.com/id?1016582vdb-entry, x_refsource_SECTRACK
http://securityreason.com/securityalert/1293third-party-advisory, x_refsource_SREASON
http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.htmlvendor-advisory, x_refsource_CISCO
https://exchange.xforce.ibmcloud.com/vulnerabilities/27972vdb-entry, x_refsource_XF
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:48:39.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html"
          },
          {
            "name": "19176",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19176"
          },
          {
            "name": "20060726 Cisco VPN Concentrator IKE resource exhaustion DoS Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/441203/100/0/threaded"
          },
          {
            "name": "29068",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/29068"
          },
          {
            "name": "20060728 Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html"
          },
          {
            "name": "oval:org.mitre.oval:def:5299",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299"
          },
          {
            "name": "1016582",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016582"
          },
          {
            "name": "1293",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/1293"
          },
          {
            "name": "20060726 Internet Key Exchange Resource Exhaustion Attack",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html"
          },
          {
            "name": "cisco-ike-resource-exhaustion-dos(27972)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27972"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-07-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html"
        },
        {
          "name": "19176",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19176"
        },
        {
          "name": "20060726 Cisco VPN Concentrator IKE resource exhaustion DoS Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/441203/100/0/threaded"
        },
        {
          "name": "29068",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/29068"
        },
        {
          "name": "20060728 Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html"
        },
        {
          "name": "oval:org.mitre.oval:def:5299",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299"
        },
        {
          "name": "1016582",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016582"
        },
        {
          "name": "1293",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/1293"
        },
        {
          "name": "20060726 Internet Key Exchange Resource Exhaustion Attack",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html"
        },
        {
          "name": "cisco-ike-resource-exhaustion-dos(27972)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27972"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3906",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html",
              "refsource": "MISC",
              "url": "http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html"
            },
            {
              "name": "19176",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19176"
            },
            {
              "name": "20060726 Cisco VPN Concentrator IKE resource exhaustion DoS Advisory",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/441203/100/0/threaded"
            },
            {
              "name": "29068",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/29068"
            },
            {
              "name": "20060728 Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2006-07/0531.html"
            },
            {
              "name": "oval:org.mitre.oval:def:5299",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5299"
            },
            {
              "name": "1016582",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016582"
            },
            {
              "name": "1293",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/1293"
            },
            {
              "name": "20060726 Internet Key Exchange Resource Exhaustion Attack",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/tech/tk583/tk372/tsd_technology_security_response09186a00806f33d4.html"
            },
            {
              "name": "cisco-ike-resource-exhaustion-dos(27972)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27972"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3906",
    "datePublished": "2006-07-27T22:00:00",
    "dateReserved": "2006-07-27T00:00:00",
    "dateUpdated": "2024-08-07T18:48:39.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4499
Vulnerability from cvelistv5
Published
2005-12-22 11:00
Modified
2024-08-07 23:46
Severity ?
Summary
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.
References
http://www.securityfocus.com/archive/1/420020/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/16025vdb-entry, x_refsource_BID
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtmlx_refsource_MISC
http://www.osvdb.org/22193vdb-entry, x_refsource_OSVDB
http://www.securityfocus.com/archive/1/420103/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/18141third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:46:05.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
          },
          {
            "name": "16025",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16025"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
          },
          {
            "name": "22193",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22193"
          },
          {
            "name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
          },
          {
            "name": "18141",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18141"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-12-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
        },
        {
          "name": "16025",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16025"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
        },
        {
          "name": "22193",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22193"
        },
        {
          "name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
        },
        {
          "name": "18141",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18141"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4499",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
            },
            {
              "name": "16025",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16025"
            },
            {
              "name": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml",
              "refsource": "MISC",
              "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
            },
            {
              "name": "22193",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22193"
            },
            {
              "name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
            },
            {
              "name": "18141",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18141"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4499",
    "datePublished": "2005-12-22T11:00:00",
    "dateReserved": "2005-12-22T00:00:00",
    "dateUpdated": "2024-08-07T23:46:05.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}