CVE-2001-0427

Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.

Published: Jun 18, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0427
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / vpn_3015_concentrator	-	-
cisco / vpn_3060_concentrator	-	-
cisco / vpn_3000_concentrator	-	-
cisco / vpn_3005_concentrator	-	-
cisco / vpn_3030_concentator	-	-
cisco / vpn_3080_concentrator	-	-

http://www.cisco.com/warp/public/707/vpn3k-telnet-vuln-pub.shtml
http://www.osvdb.org/5643
https://exchange.xforce.ibmcloud.com/vulnerabilities/6298

Vulnerability Database

289,697

CVE-2001-0427