CVE-2002-1092
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/10/2002
Last modified:
03/04/2025
Description
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:*:*:*:*:*:*:*:* | 3.6\(rel\) (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
- http://www.securityfocus.com/bid/5613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10017
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
- http://www.securityfocus.com/bid/5613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10017