Lucene search

[email protected]CVE-2002-1092

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1092

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

cisco

vpn

concentrator

authentication

pptp

ipsec

vulnerability

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.4%

JSON

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.

Affected configurations

NVD

Node

ciscovpn_3000_concentrator_series_softwareRange≤3.6\(rel\)

CPENameOperatorVersion
cisco:vpn_3000_concentrator_series_softwarecisco vpn 3000 concentrator series softwarele3.6\(rel\)

CPE	Name	Operator	Version
cisco:vpn_3000_concentrator_series_software	cisco vpn 3000 concentrator series software	le	3.6\(rel\)

References

www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml

www.securityfocus.com/bid/5613

exchange.xforce.ibmcloud.com/vulnerabilities/10017

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.4%

JSON

Related for CVE-2002-1092

cvelist1 nvd1 nessus2