Unrated severityNVD Advisory· Published Oct 4, 2002· Updated Apr 16, 2026

CVE-2002-1092

Description

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.

Affected products

Cisco Systems, Inc./Vpn 3000 Concentrator Series Software
cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:*:*:*:*:*:*:*:*
Range: <=3.6\(rel\)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtmlnvdVendor Advisory
www.securityfocus.com/bid/5613nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/10017nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000