CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
81.4%
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | vpn_3015_concentrator | * | cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:* |
cisco | vpn_3030_concentator | * | cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:* |
cisco | vpn_3060_concentrator | * | cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:* |
cisco | vpn_3080_concentrator | * | cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.5(rel) | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\(rel\):*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.5.1 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.5.2 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.5.3 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.5.4 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.5.5 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:* |