exploitDog

CVE-2002-1092

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.

Ссылки

http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
Vendor Advisory
http://www.securityfocus.com/bid/5613
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/10017
http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
Vendor Advisory
http://www.securityfocus.com/bid/5613
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/10017

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:*:*:*:*:*:*:*:*

Версия до 3.6\(rel\) (включая)

EPSS

Процентиль: 67%

0.00533

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9m7x-gcj3-xg42

github

почти 4 года назад

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.

EPSS

Процентиль: 67%

0.00533

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other