[email protected]CVE-2003-0258

HistoryMay 27, 2003 - 4:00 a.m.

CVE-2003-0258

2003-05-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cisco

vpn

cisco vpn 3000

concentrators

hardware client

ipsec

tcp

vulnerability

authentication

nvd

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.

CPENameOperatorVersion
cisco:vpn_3015_concentratorcisco vpn 3015 concentratoreq*
cisco:vpn_3030_concentatorcisco vpn 3030 concentatoreq*
cisco:vpn_3060_concentratorcisco vpn 3060 concentratoreq*
cisco:vpn_3080_concentratorcisco vpn 3080 concentratoreq*
cisco:vpn_3000_concentrator_series_softwarecisco vpn 3000 concentrator series softwareeq3.5\(rel\)
cisco:vpn_3000_concentrator_series_softwarecisco vpn 3000 concentrator series softwareeq3.5.1
cisco:vpn_3000_concentrator_series_softwarecisco vpn 3000 concentrator series softwareeq3.5.2
cisco:vpn_3000_concentrator_series_softwarecisco vpn 3000 concentrator series softwareeq3.5.3
cisco:vpn_3000_concentrator_series_softwarecisco vpn 3000 concentrator series softwareeq3.5.4
cisco:vpn_3000_concentrator_series_softwarecisco vpn 3000 concentrator series softwareeq3.5.5

CPE	Name	Operator	Version
cisco:vpn_3015_concentrator	cisco vpn 3015 concentrator	eq	*
cisco:vpn_3030_concentator	cisco vpn 3030 concentator	eq	*
cisco:vpn_3060_concentrator	cisco vpn 3060 concentrator	eq	*
cisco:vpn_3080_concentrator	cisco vpn 3080 concentrator	eq	*
cisco:vpn_3000_concentrator_series_software	cisco vpn 3000 concentrator series software	eq	3.5\(rel\)
cisco:vpn_3000_concentrator_series_software	cisco vpn 3000 concentrator series software	eq	3.5.1
cisco:vpn_3000_concentrator_series_software	cisco vpn 3000 concentrator series software	eq	3.5.2
cisco:vpn_3000_concentrator_series_software	cisco vpn 3000 concentrator series software	eq	3.5.3
cisco:vpn_3000_concentrator_series_software	cisco vpn 3000 concentrator series software	eq	3.5.4
cisco:vpn_3000_concentrator_series_software	cisco vpn 3000 concentrator series software	eq	3.5.5

Rows per page:

1-10 of 231

References

www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml

www.kb.cert.org/vuls/id/727780

exchange.xforce.ibmcloud.com/vulnerabilities/11954

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

81.1%

JSON

Related for CVE-2003-0258

cert1 nessus1 cisco1