Vulnerability Details CVE-2002-1095
Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10021.php
- http://www.securityfocus.com/bid/5625
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10021.php
- http://www.securityfocus.com/bid/5625
Products affected by CVE-2002-1095
-
cpe:2.3:a:cisco:secure_access_control_server:2.6.3
-
cpe:2.3:a:cisco:vpn_3002_hardware_client:-
-
cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0
-
cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a
-
cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b
-
cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c
-
cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d