Vulnerability Details CVE-2002-1107
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.9%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
- http://www.securityfocus.com/bid/5653
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
- http://www.securityfocus.com/bid/5653
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
Products affected by CVE-2002-1107
-
cpe:2.3:a:cisco:vpn_client:2.0
-
cpe:2.3:a:cisco:vpn_client:3.0
-
cpe:2.3:a:cisco:vpn_client:3.0.5
-
cpe:2.3:a:cisco:vpn_client:3.1
-
cpe:2.3:a:cisco:vpn_client:3.5.1
-
cpe:2.3:a:cisco:vpn_client:3.5.1c
-
cpe:2.3:a:cisco:vpn_client:3.5.2