All the vulnerabilites related to cisco - vpn_3002_hardware_client
cve-2005-0943
Vulnerability from cvelistv5
Published
2005-04-03 05:00
Modified
2024-08-07 21:28
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/12948 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/14784 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/19903 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:29.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050330 Cisco VPN 3000 Concentrator Vulnerable to Crafted SSL Attack",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml"
},
{
"name": "12948",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12948"
},
{
"name": "14784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14784"
},
{
"name": "cisco-vpn-3000-dos(19903)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19903"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050330 Cisco VPN 3000 Concentrator Vulnerable to Crafted SSL Attack",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml"
},
{
"name": "12948",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12948"
},
{
"name": "14784",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14784"
},
{
"name": "cisco-vpn-3000-dos(19903)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19903"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0943",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050330 Cisco VPN 3000 Concentrator Vulnerable to Crafted SSL Attack",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml"
},
{
"name": "12948",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12948"
},
{
"name": "14784",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14784"
},
{
"name": "cisco-vpn-3000-dos(19903)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19903"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0943",
"datePublished": "2005-04-03T05:00:00",
"dateReserved": "2005-04-03T00:00:00",
"dateUpdated": "2024-08-07T21:28:29.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1102
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/10027 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/5622 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "cisco-vpn-lan-connection-dos(10027)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10027"
},
{
"name": "5622",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5622"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "cisco-vpn-lan-connection-dos(10027)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10027"
},
{
"name": "5622",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5622"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "cisco-vpn-lan-connection-dos(10027)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10027"
},
{
"name": "5622",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5622"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1102",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1103
Vulnerability from cvelistv5
Published
2002-09-10 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.kb.cert.org/vuls/id/761651 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "VU#761651",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/761651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-09-24T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "VU#761651",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/761651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "VU#761651",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/761651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1103",
"datePublished": "2002-09-10T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0258
Vulnerability from cvelistv5
Published
2003-05-08 04:00
Modified
2024-08-08 01:50
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/727780 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11954 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:46.866Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#727780",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/727780"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"name": "cisco-vpn-unauth-access(11954)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11954"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#727780",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/727780"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"name": "cisco-vpn-unauth-access(11954)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11954"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#727780",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/727780"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"name": "cisco-vpn-unauth-access(11954)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11954"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0258",
"datePublished": "2003-05-08T04:00:00",
"dateReserved": "2003-05-07T00:00:00",
"dateUpdated": "2024-08-08T01:50:46.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0260
Vulnerability from cvelistv5
Published
2003-05-08 04:00
Modified
2024-08-08 01:50
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11956 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/221164 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:46.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-vpn-icmp-dos(11956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11956"
},
{
"name": "VU#221164",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/221164"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-vpn-icmp-dos(11956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11956"
},
{
"name": "VU#221164",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/221164"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-vpn-icmp-dos(11956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11956"
},
{
"name": "VU#221164",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/221164"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0260",
"datePublished": "2003-05-08T04:00:00",
"dateReserved": "2003-05-07T00:00:00",
"dateUpdated": "2024-08-08T01:50:46.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1094
Vulnerability from cvelistv5
Published
2002-09-10 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.iss.net/security_center/static/10020.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/5624 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/5621 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/5623 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "cisco-vpn-banner-information(10020)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10020.php"
},
{
"name": "5624",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5624"
},
{
"name": "5621",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5621"
},
{
"name": "5623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-01-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "cisco-vpn-banner-information(10020)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10020.php"
},
{
"name": "5624",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5624"
},
{
"name": "5621",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5621"
},
{
"name": "5623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "cisco-vpn-banner-information(10020)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10020.php"
},
{
"name": "5624",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5624"
},
{
"name": "5621",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5621"
},
{
"name": "5623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1094",
"datePublished": "2002-09-10T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1096
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/5611 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/10019.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5611",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5611"
},
{
"name": "cisco-vpn-user-passwords(10019)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10019.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-01-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5611",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5611"
},
{
"name": "cisco-vpn-user-passwords(10019)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10019.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5611",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5611"
},
{
"name": "cisco-vpn-user-passwords(10019)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10019.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1096",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1101
Vulnerability from cvelistv5
Published
2002-09-10 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-18T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1101",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1101",
"datePublished": "2002-09-10T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-0259
Vulnerability from cvelistv5
Published
2003-05-08 04:00
Modified
2024-08-08 01:50
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11955 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.kb.cert.org/vuls/id/317348 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:50:47.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-vpn-ssh-dos(11955)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11955"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"name": "VU#317348",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/317348"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-vpn-ssh-dos(11955)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11955"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"name": "VU#317348",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/317348"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0259",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-vpn-ssh-dos(11955)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11955"
},
{
"name": "20030507 Cisco VPN 3000 Concentrator Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"name": "VU#317348",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/317348"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0259",
"datePublished": "2003-05-08T04:00:00",
"dateReserved": "2003-05-07T00:00:00",
"dateUpdated": "2024-08-08T01:50:47.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1097
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/5612 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/10022.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5612"
},
{
"name": "cisco-vpn-certificate-passwords(10022)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10022.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-01-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5612"
},
{
"name": "cisco-vpn-certificate-passwords(10022)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10022.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5612"
},
{
"name": "cisco-vpn-certificate-passwords(10022)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10022.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1097",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1095
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/5625 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/10021.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.003Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5625",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5625"
},
{
"name": "cisco-vpn-pptp-dos(10021)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10021.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the \"No Encryption\" option set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-01-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5625",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5625"
},
{
"name": "cisco-vpn-pptp-dos(10021)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10021.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the \"No Encryption\" option set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5625",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5625"
},
{
"name": "cisco-vpn-pptp-dos(10021)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10021.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1095",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1098
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/5614 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/10023.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5614"
},
{
"name": "cisco-vpn-xml-filter(10023)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10023.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an \"HTTPS on Public Inbound (XML-Auto)(forward/in)\" rule but sets the protocol to \"ANY\" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-10-15T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5614"
},
{
"name": "cisco-vpn-xml-filter(10023)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10023.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an \"HTTPS on Public Inbound (XML-Auto)(forward/in)\" rule but sets the protocol to \"ANY\" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5614"
},
{
"name": "cisco-vpn-xml-filter(10023)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10023.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1098",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1100
Vulnerability from cvelistv5
Published
2002-09-10 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/5617 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/10025.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5617",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5617"
},
{
"name": "cisco-vpn-html-interface-dos(10025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10025.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-01-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5617",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5617"
},
{
"name": "cisco-vpn-html-interface-dos(10025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10025.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5617",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5617"
},
{
"name": "cisco-vpn-html-interface-dos(10025)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10025.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1100",
"datePublished": "2002-09-10T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1099
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
EPSS score ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/5616 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/10024.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:17.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5616",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5616"
},
{
"name": "cisco-vpn-web-access(10024)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10024.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-01-10T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5616",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5616"
},
{
"name": "cisco-vpn-web-access(10024)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10024.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"name": "5616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5616"
},
{
"name": "cisco-vpn-web-access(10024)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10024.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1099",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-06T00:00:00",
"dateUpdated": "2024-08-08T03:12:17.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-4499
Vulnerability from cvelistv5
Published
2005-12-22 11:00
Modified
2024-08-07 23:46
Severity ?
EPSS score ?
Summary
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/420020/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/16025 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml | x_refsource_MISC | |
| http://www.osvdb.org/22193 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/420103/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/18141 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:46:05.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
},
{
"name": "16025",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16025"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
},
{
"name": "22193",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22193"
},
{
"name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
},
{
"name": "18141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
},
{
"name": "16025",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16025"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
},
{
"name": "22193",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22193"
},
{
"name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
},
{
"name": "18141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18141"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-4499",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
},
{
"name": "16025",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16025"
},
{
"name": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml",
"refsource": "MISC",
"url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
},
{
"name": "22193",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22193"
},
{
"name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
},
{
"name": "18141",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18141"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-4499",
"datePublished": "2005-12-22T11:00:00",
"dateReserved": "2005-12-22T00:00:00",
"dateUpdated": "2024-08-07T23:46:05.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages."
}
],
"id": "CVE-2002-1099",
"lastModified": "2024-11-20T23:40:35.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10024.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10024.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5616"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-03-30 05:00
Modified
2024-11-20 23:56
Severity ?
Summary
Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3020_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D50FE2-A4E6-4EF4-A91C-88FB0AF6CCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AFAF42-B894-4D62-A9CF-3349A43191AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE5BB7F-D8B4-441B-9F45-56F622EEAA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*",
"matchCriteriaId": "8B87A7EC-DC23-4075-8C4A-2317FF34BDB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*",
"matchCriteriaId": "98AC18E3-D12B-489D-9D95-6C9210235FB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.f:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DB969E-8BE9-46E0-B8AA-5057E320F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*",
"matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12E298AD-26AC-4E1D-83D8-5C2016CC6559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*",
"matchCriteriaId": "B71DAF71-5763-44D8-AD1E-5ADE8BC15120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B35B6FA9-E504-4CE3-B171-815291A812CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA54782-93A8-47BE-863D-89CA3678BF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*",
"matchCriteriaId": "67F66A10-246D-447B-941F-F1175684F0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3005_concentrator_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17196F00-9D7A-4AF6-AE1E-EA2E450A8ABD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet."
}
],
"id": "CVE-2005-0943",
"lastModified": "2024-11-20T23:56:14.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-03-30T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14784"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12948"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/14784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/12948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19903"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-05-27 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets."
},
{
"lang": "es",
"value": "Concentradores de Cisco de la serie VPN 3000 y Cisco VPN 3002 Hardware Client 2.x.x hasta 3.6.7A permiten que atacantes remotos causen una denegaci\u00f3n de servicio (ralentizaci\u00f3n y posiblemente recarga) mediante una inundaci\u00f3n con paquetes ICMP mal constru\u00eddos."
}
],
"id": "CVE-2003-0260",
"lastModified": "2024-11-20T23:44:20.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/221164"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/221164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11956"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-05-27 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AFAF42-B894-4D62-A9CF-3349A43191AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE5BB7F-D8B4-441B-9F45-56F622EEAA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*",
"matchCriteriaId": "8B87A7EC-DC23-4075-8C4A-2317FF34BDB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*",
"matchCriteriaId": "98AC18E3-D12B-489D-9D95-6C9210235FB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*",
"matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3005_concentrator_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17196F00-9D7A-4AF6-AE1E-EA2E450A8ABD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication."
},
{
"lang": "es",
"value": "Concentradores de Cisco de la serie VPN 3000 y Cisco VPN 3002 Hardware Client 2.x.x hasta 4.0.REL, cuando se configuran para permitir IPSec sobre TCP para un puerto del concentrador, permiten que atacantes remotos alcancen la red privada sin autentificaci\u00f3n."
}
],
"id": "CVE-2003-0258",
"lastModified": "2024-11-20T23:44:19.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/727780"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11954"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/727780"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11954"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface."
}
],
"id": "CVE-2002-1100",
"lastModified": "2024-11-20T23:40:35.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10025.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10025.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5617"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection."
}
],
"id": "CVE-2002-1102",
"lastModified": "2024-11-20T23:40:35.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5622"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5622"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10027"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | Vendor Advisory | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/761651 | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/761651 | Patch, Third Party Advisory, US Government Resource |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1866690B-BCF3-4134-946D-FB4AE1269961",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets."
}
],
"id": "CVE-2002-1103",
"lastModified": "2024-11-20T23:40:36.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/761651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/761651"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vpn_3000_concentrator_series_software | 2.0 | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.a | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.b | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.c | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.d | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.f | |
| cisco | vpn_3000_concentrator_series_software | 3.0 | |
| cisco | vpn_3000_concentrator_series_software | 3.0\(rel\) | |
| cisco | vpn_3000_concentrator_series_software | 3.0.3.a | |
| cisco | vpn_3000_concentrator_series_software | 3.0.3.b | |
| cisco | vpn_3000_concentrator_series_software | 3.0.4 | |
| cisco | vpn_3000_concentrator_series_software | 3.1 | |
| cisco | vpn_3000_concentrator_series_software | 3.1\(rel\) | |
| cisco | vpn_3000_concentrator_series_software | 3.1.1 | |
| cisco | vpn_3000_concentrator_series_software | 3.1.2 | |
| cisco | vpn_3000_concentrator_series_software | 3.5\(rel\) | |
| cisco | vpn_3002_hardware_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages."
}
],
"id": "CVE-2002-1097",
"lastModified": "2024-11-20T23:40:35.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10022.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10022.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5612"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an \"HTTPS on Public Inbound (XML-Auto)(forward/in)\" rule but sets the protocol to \"ANY\" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator."
}
],
"id": "CVE-2002-1098",
"lastModified": "2024-11-20T23:40:35.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10023.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10023.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5614"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1866690B-BCF3-4134-946D-FB4AE1269961",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name."
}
],
"id": "CVE-2002-1101",
"lastModified": "2024-11-20T23:40:35.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vpn_3000_concentrator_series_software | 2.0 | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.a | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.b | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.c | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.d | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.f | |
| cisco | vpn_3000_concentrator_series_software | 3.0 | |
| cisco | vpn_3000_concentrator_series_software | 3.0\(rel\) | |
| cisco | vpn_3000_concentrator_series_software | 3.0.3.a | |
| cisco | vpn_3000_concentrator_series_software | 3.0.3.b | |
| cisco | vpn_3000_concentrator_series_software | 3.0.4 | |
| cisco | vpn_3000_concentrator_series_software | 3.1 | |
| cisco | vpn_3000_concentrator_series_software | 3.1\(rel\) | |
| cisco | vpn_3000_concentrator_series_software | 3.1.1 | |
| cisco | vpn_3000_concentrator_series_software | 3.1.2 | |
| cisco | vpn_3000_concentrator_series_software | 3.5\(rel\) | |
| cisco | vpn_3002_hardware_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code."
}
],
"id": "CVE-2002-1096",
"lastModified": "2024-11-20T23:40:35.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10019.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10019.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5611"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93500B0E-5EE6-49C1-AD66-3AB007020B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request."
}
],
"id": "CVE-2002-1094",
"lastModified": "2024-11-20T23:40:34.697",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10020.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5621"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5623"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10020.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5624"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-10-04 04:00
Modified
2024-11-20 23:40
Severity ?
Summary
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | vpn_3000_concentrator_series_software | 2.0 | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.a | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.b | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.c | |
| cisco | vpn_3000_concentrator_series_software | 2.5.2.d | |
| cisco | secure_access_control_server | 2.6.3 | |
| cisco | vpn_3002_hardware_client | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.3:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "A668278F-8080-4295-95EB-88341478D16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the \"No Encryption\" option set."
}
],
"id": "CVE-2002-1095",
"lastModified": "2024-11-20T23:40:34.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-10-04T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10021.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10021.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5625"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-22 11:03
Modified
2024-11-21 00:04
Severity ?
Summary
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vpn_3001_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "786346D5-13D8-45C9-B91D-C2AACF675377",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3020_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D50FE2-A4E6-4EF4-A91C-88FB0AF6CCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AFAF42-B894-4D62-A9CF-3349A43191AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE5BB7F-D8B4-441B-9F45-56F622EEAA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*",
"matchCriteriaId": "8B87A7EC-DC23-4075-8C4A-2317FF34BDB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*",
"matchCriteriaId": "98AC18E3-D12B-489D-9D95-6C9210235FB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.f:*:*:*:*:*:*:*",
"matchCriteriaId": "E9DB969E-8BE9-46E0-B8AA-5057E320F1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*",
"matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12E298AD-26AC-4E1D-83D8-5C2016CC6559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "590283B1-4965-44D3-A0D4-CD90DD6B2D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*",
"matchCriteriaId": "B71DAF71-5763-44D8-AD1E-5ADE8BC15120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA54782-93A8-47BE-863D-89CA3678BF6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*",
"matchCriteriaId": "67F66A10-246D-447B-941F-F1175684F0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:*:*:*:*:*:*:*",
"matchCriteriaId": "82435757-D892-4298-9176-5EC1FEC93037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A90348C-94E2-4F04-A887-E7EFFC1ACF12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5E136E-9215-46A8-A40A-AE964C588A38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3005_concentrator_software:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17196F00-9D7A-4AF6-AE1E-EA2E450A8ABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "32200DE2-71BA-417C-AF24-3BE549A68711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1.f:*:*:*:*:*:*:*",
"matchCriteriaId": "25F3F37E-4BBD-4A0E-A1DF-64602D75207D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:pix_asa_ids:*:*:*:*:*:*:*:*",
"matchCriteriaId": "701810DC-0A46-4D01-90BD-03AAF277E4DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.3_\\(110\\):*:*:*:*:*:*:*",
"matchCriteriaId": "900DC321-4CEF-4810-8247-B82FE93F48BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:pix_firewall:6.3.3_\\(133\\):*:*:*:*:*:*:*",
"matchCriteriaId": "422F8E64-2376-4E82-A1A2-916BFB7172AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5C8F8B-4F20-4635-81FF-92F144F43793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.0:*:unix:*:*:*:*:*",
"matchCriteriaId": "22B6CD99-5B21-4961-AD47-B1722E586664",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "3BF391B2-17C6-4633-8CE9-35B637BFDC79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:unix:*:*:*:*:*",
"matchCriteriaId": "7889030E-97F7-4CCD-8050-5250B1F58C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "26B0CB70-CC82-4FF1-882C-0712354DA113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3.5.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "543A3774-28EB-406D-830E-957B5E9E7A66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3.6.1:*:unix:*:*:*:*:*",
"matchCriteriaId": "B0B5C19A-58BB-4A7A-886D-3567B37F466D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.4:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "4126D9DE-A75E-4A9E-9DA7-1477D5688872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.5:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "0354C50C-4104-4960-B1EE-F212CD3D6AE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "DE9B81AC-1D16-4FDF-B438-3D3ED2BE9538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.2:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "8F515D7A-D663-49F0-8F12-1484000505FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.3:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "A668278F-8080-4295-95EB-88341478D16B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.4:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "A66BED35-F385-4A0C-9416-6F007536133E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.42:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "5EA57609-522C-4431-92AE-4FF11AA67320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44D05855-C8C1-4243-8438-5A36A01A8F48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "A60B49A7-B569-4485-A6B3-E14B9FB96950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "FA889730-B2FF-4219-BBCA-A4364BA61EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0.3:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "8731D5CC-A6F9-48DB-B1D1-FD50CEAC63D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB11A75E-2E4B-4B83-B763-CBBC1D9DFB36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.1.1:*:windows_nt:*:*:*:*:*",
"matchCriteriaId": "DFFE6A50-B704-42BB-8FFF-27E9F4D3B576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "109147BF-3225-48E4-8BE1-2E5B59921032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_server:*:*:*:*:*",
"matchCriteriaId": "7CDA01B6-6887-40BB-B541-65F198D03219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86806D6E-1BDF-4253-AEB7-D9D88D224812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1.20\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0BD6882-379C-4EA7-8E51-124273C5A56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "680E5A81-6409-4CE7-8496-D7845FD7E851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3868E060-0278-491A-9943-1A2E435C7606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F39D3441-C84A-403A-ACB4-8019579EE4DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61ED039B-C3E6-4BC8-A97A-351EC9CEAF16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D2793200-D95D-4BD3-8DF2-4A847230FBE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E587654-B5A0-47A4-BED6-D8DB69AEF566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F07B954-817F-47AC-BCAC-3DA697A6E2F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC1B599-05C0-4FB5-A47B-5D858DAB43A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "151D5A44-2D0D-478A-B011-A0892817B814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "286199EA-71CF-46B4-9131-F1752C2EA82D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C5A417-C48D-4799-A766-7B231ADF27C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "026A2C0D-AD93-49DC-AF72-8C12AD565B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "920FAF7C-2964-497B-B1F8-3B060AAB4C55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2D499F38-A34C-44D0-A061-C3AE08CF178B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "63E564B5-A39F-4837-93B8-1331CD975D4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1EEDB9DD-C862-4783-9F96-88836424B298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3BD36C4A-4B90-4012-B4A5-6081C413E302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C39A993C-5A36-4D3F-B8B6-9B3252713127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1C4F7D5-DCD0-409C-86BF-A96A5253DF64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8198D129-76D0-4983-BFC4-8EC724FE1B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6BEECFAA-9DD5-4950-B9F1-CF8582225314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49566EAC-05AF-4880-8000-351AF538E4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "23E9FBEE-3213-47FA-8CBA-C285533265FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "118CBF59-DAD8-468E-B279-F6359E4624F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(7.202\\):*:*:*:*:*:*:*",
"matchCriteriaId": "957E6F8F-6881-44DE-A687-9D1E0C13F6CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E56328FE-F499-4325-AFEC-45BFEAB7662D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA2E425-904C-4070-8F5F-B81BCF3147F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "604CF950-5D4B-4DC6-819E-0528B22CB05C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E12887E5-A2BB-4B1E-9621-2961458BCE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4.206\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B5BE2F7-687C-477B-818B-A102526DF36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "999A0969-60EB-4B2E-A274-9F05D9F840E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "626E41D2-A5EF-493D-9486-3D9BC3793EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EBA31E4D-2215-4E4A-BCCC-B3D922CB752D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(3.210\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F16AD2C-1CC1-43D9-A944-F67071B62E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A42FFBF7-9ADB-4F14-BED8-F2E53BEE7B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "25D16481-CA9A-4B4D-AC9D-3A4F0387FF19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56E4588E-6C1F-4720-8082-0EF299435CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D24E0E92-59D7-4B16-8B0D-2FD0EE821D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED24C763-7558-4AC0-AE10-FDA3D3078D27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4CC85ED3-B598-4A87-A2B8-8D3B52ECC2F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1.200\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C84CE24E-4ED6-43D0-A234-FBD24D22A8A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF84B9FE-7C6C-4578-A5A9-EF0D5EEEEC19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72C3E2B4-3A36-44B5-90D3-1BF9FAD98579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1.5\\(104\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F76AED68-8304-4BC6-9D98-64231B08A6A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B0D74D2C-662B-4D24-89EE-3DB73F96BBF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*",
"matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E6D5FD3-CF95-4A3B-9ADB-CEC77F73CA78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."
}
],
"id": "CVE-2005-4499",
"lastModified": "2024-11-21T00:04:24.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-22T11:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18141"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22193"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16025"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-05-27 04:00
Modified
2024-11-20 23:44
Severity ?
Summary
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*",
"matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*",
"matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*",
"matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*",
"matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*",
"matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*",
"matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AFAF42-B894-4D62-A9CF-3349A43191AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE5BB7F-D8B4-441B-9F45-56F622EEAA52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*",
"matchCriteriaId": "8B87A7EC-DC23-4075-8C4A-2317FF34BDB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*",
"matchCriteriaId": "98AC18E3-D12B-489D-9D95-6C9210235FB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*",
"matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet."
},
{
"lang": "es",
"value": "Concentradores de Cisco de la serie VPN 3000 y Cisco VPN 3002 Hardware Client 2.x.x hasta 3.6.7 permiten que atacantes remotos causen una denegaci\u00f3n de servicio (recarga) mediante un paquete de inicializaci\u00f3n SSH mal constru\u00eddo."
}
],
"id": "CVE-2003-0259",
"lastModified": "2024-11-20T23:44:20.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-05-27T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/317348"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/317348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11955"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}