CVE-2002-1747

2005-06-2104:00:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.4%

JSON

Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB.

References

seclists.org/bugtraq/2002/Jan/0119.html

exchange.xforce.ibmcloud.com/vulnerabilities/7868