Vpn 3002 Hardware Client Security Vulnerabilities and Issues — Vpn 3002 Hardware Client CVE List

Lucene search

CiscoVpn 3002 Hardware Client

5 matches found

CVE•added 2005/12/22 11:3 a.m.•59 views

CVE-2005-4499

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges b...

7.5CVSS7.4AI score0.01908EPSS

CVE•added 2003/05/27 4:0 a.m.•46 views

CVE-2003-0258

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.

7.5CVSS6.7AI score0.00649EPSS

CVE•added 2004/09/01 4:0 a.m.•41 views

CVE-2002-1096

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.

7.5CVSS6.1AI score0.00527EPSS

CVE•added 2004/09/01 4:0 a.m.•38 views

CVE-2002-1097

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.

7.5CVSS6.3AI score0.00284EPSS

CVE•added 2004/09/01 4:0 a.m.•36 views

CVE-2002-1098

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.

7.5CVSS6.7AI score0.00527EPSS