VPN 3000 Concentrator Series Software
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1092 | 0.00 | — | 0.01 | Oct 4, 2002 | Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication. | |||
| CVE-2002-1103 | 0.00 | — | 0.01 | Oct 4, 2002 | Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets. | |||
| CVE-2002-1099 | 0.00 | — | 0.01 | Oct 4, 2002 | Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages. | |||
| CVE-2002-1102 | 0.00 | — | 0.02 | Oct 4, 2002 | The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes… | |||
| CVE-2001-0428 | 0.00 | — | 0.02 | Jul 2, 2001 | Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. | |||
| CVE-2001-0427 | 0.00 | — | 0.03 | Jun 18, 2001 | Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. |
- CVE-2002-1092Oct 4, 2002risk 0.00cvss —epss 0.01
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
- CVE-2002-1103Oct 4, 2002risk 0.00cvss —epss 0.01
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
- CVE-2002-1099Oct 4, 2002risk 0.00cvss —epss 0.01
Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.
- CVE-2002-1102Oct 4, 2002risk 0.00cvss —epss 0.02
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes…
- CVE-2001-0428Jul 2, 2001risk 0.00cvss —epss 0.02
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
- CVE-2001-0427Jun 18, 2001risk 0.00cvss —epss 0.03
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.
Page 2 of 2