Vulnerability Database

300,826

Total vulnerabilities in the database

CVE-2002-1092

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.

Published: Oct 4, 2002
Updated: Nov 9, 2025
CVE: CVE-2002-1092
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / vpn_3000_concentrator_series_software	-	3.6\(rel\).x

http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
http://www.securityfocus.com/bid/5613
https://exchange.xforce.ibmcloud.com/vulnerabilities/10017

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo