Lucene search

[email protected]CVE-1999-1100

HistoryMar 09, 2002 - 5:00 a.m.

CVE-1999-1100

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cisco

pix private link

des key

cve-1999-1100

nvd

configuration file

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

JSON

Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.

Affected configurations

NVD

Node

ciscopix_private_linkRange≤4.1\(6\)

CPENameOperatorVersion
cisco:pix_private_linkcisco pix private linkle4.1\(6\)

CPE	Name	Operator	Version
cisco:pix_private_link	cisco pix private link	le	4.1\(6\)

References

ciac.llnl.gov/ciac/bulletins/i-056.shtml

www.cisco.com/warp/public/770/pixkey-pub.shtml

exchange.xforce.ibmcloud.com/vulnerabilities/1579

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.3%

JSON

Related for CVE-1999-1100

cvelist1 nvd1