Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.
References
Link | Resource |
---|---|
http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml | Patch Vendor Advisory |
http://www.kb.cert.org/vuls/id/727780 | US Government Resource |
https://exchange.xforce.ibmcloud.com/vulnerabilities/11954 |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2003-05-26 21:00
Updated : 2018-10-30 09:26
NVD link : CVE-2003-0258
Mitre link : CVE-2003-0258
JSON object : View
CWE
Products Affected
cisco
- vpn_3080_concentrator
- vpn_3060_concentrator
- vpn_3000_concentrator_series_software
- vpn_3002_hardware_client
- vpn_3005_concentrator_software
- vpn_3030_concentator
- vpn_3015_concentrator