CVE-2002-1092
3 documents3 sources
Severity
7.5HIGH
EPSS
0.5%
top 32.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 4
Latest updateApr 30
Description
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4