CVE-2002-1096

3 documents3 sources

Severity

7.5HIGH

EPSS

0.5%

top 32.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco VPN 3000 Concentrator Series Software

Timeline

PublishedOct 4

Latest updateApr 30

Description

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDcisco/vpn_3000_concentrator_series_software16 versions+15

🔴Vulnerability Details

GHSA

GHSA-9p85-w48c-pm4c: Cisco VPN 3000 Concentrator 2↗2022-04-30

▶

CVEList

CVE-2002-1096: Cisco VPN 3000 Concentrator 2↗2004-09-01

▶