CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1623

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.786

EPSS Ranking 99.0%

CVSS Severity

CVSS v2 Score 5.0

References

http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html
http://marc.info/?l=bugtraq&m=103124812629621&w=2
http://marc.info/?l=bugtraq&m=103176164729351&w=2
http://www.checkpoint.com/techsupport/alerts/ike.html
http://www.kb.cert.org/vuls/id/886601
http://www.nta-monitor.com/news/checkpoint.htm
http://www.securiteam.com/securitynews/5TP040U8AW.html
http://www.securityfocus.com/archive/1/290202
http://www.securityfocus.com/bid/5607
https://exchange.xforce.ibmcloud.com/vulnerabilities/10034
http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html
http://marc.info/?l=bugtraq&m=103124812629621&w=2
http://marc.info/?l=bugtraq&m=103176164729351&w=2
http://www.checkpoint.com/techsupport/alerts/ike.html
http://www.kb.cert.org/vuls/id/886601
http://www.nta-monitor.com/news/checkpoint.htm
http://www.securiteam.com/securitynews/5TP040U8AW.html
http://www.securityfocus.com/archive/1/290202
http://www.securityfocus.com/bid/5607
https://exchange.xforce.ibmcloud.com/vulnerabilities/10034

Products affected by CVE-2002-1623

Checkpoint » Vpn-1 Firewall-1 » Version: 4.0

cpe:2.3:a:checkpoint:vpn-1_firewall-1:4.0
Checkpoint » Vpn-1 Firewall-1 » Version: 4.1

cpe:2.3:a:checkpoint:vpn-1_firewall-1:4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1623

Products

Pricing

Contact Us