CVE-2002-1092

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.

Published: Oct 4, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1092
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / vpn_3000_concentrator_series_software	-	3.6\(rel\).x

http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
http://www.securityfocus.com/bid/5613
https://exchange.xforce.ibmcloud.com/vulnerabilities/10017

Vulnerability Database

289,697

CVE-2002-1092