Vulnerability Details CVE-2002-1107
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 75.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
- http://www.securityfocus.com/bid/5653
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml
- http://www.securityfocus.com/bid/5653
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
Products affected by CVE-2002-1107
-
cpe:2.3:a:cisco:vpn_client:2.0
-
cpe:2.3:a:cisco:vpn_client:3.0
-
cpe:2.3:a:cisco:vpn_client:3.0.5
-
cpe:2.3:a:cisco:vpn_client:3.1
-
cpe:2.3:a:cisco:vpn_client:3.5.1
-
cpe:2.3:a:cisco:vpn_client:3.5.1c
-
cpe:2.3:a:cisco:vpn_client:3.5.2