CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-1937

Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.7%

CVSS Severity

CVSS v2 Score 5.0

References

http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html
http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html
http://www.iss.net/security_center/static/10442.php
http://archives.neohapsis.com/archives/bugtraq/2002-10/0314.html
http://archives.neohapsis.com/archives/bugtraq/2002-10/0329.html
http://www.iss.net/security_center/static/10442.php

Products affected by CVE-2002-1937

Symantec » Firewall Vpn Appliance 100 » Version: N/A

cpe:2.3:h:symantec:firewall_vpn_appliance_100:-
Symantec » Firewall Vpn Appliance 200 » Version: N/A

cpe:2.3:h:symantec:firewall_vpn_appliance_200:-
Symantec » Firewall Vpn Appliance 200r » Version: N/A

cpe:2.3:h:symantec:firewall_vpn_appliance_200r:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-1937

Products

Pricing

Contact Us