CVE-2002-1107

3 documents3 sources
Severity
7.5HIGH
EPSS
0.5%
top 32.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco VPN Client
Timeline
PublishedOct 4
Latest updateApr 30

Description

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDcisco/vpn_client7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-9g3q-qxmq-3pm4: Cisco Virtual Private Network (VPN) Client software 22022-04-30
CVEList
CVE-2002-1107: Cisco Virtual Private Network (VPN) Client software 22004-09-01
CVE-2002-1107 (HIGH CVSS 7.5) | Cisco Virtual Private Network (VPN) | cvebase.io