CVE-2002-1491
published 2003-04-02CVE-2002-1491: The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which…
PriorityP418medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
1.16%
63.2th percentile
The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | vpn_5000 | — | — |
| cisco | vpn_5000_client | — | — |
| cisco | vpn_5000_client | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco VPN 5000 Client Multiple Vulnerabilities
vendor_cisco·2002-09-18
CVE-2002-1491 Cisco VPN 5000 Client Multiple Vulnerabilities
Cisco VPN 5000 Client Multiple Vulnerabilities
Multiple vulnerabilities exist in the Cisco Virtual Private Network
(VPN) 5000 Client software. These vulnerabilities are documented as Cisco bug
ID CSCdx17109 and CSCdy20065. There are some workarounds available to mitigate
the effects of these vulnerabilities.
This advisory will be posted at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020918-vpn5k-vulnerability.
Cisco
Cisco VPN 5000 Client Multiple Vulnerabilities
vendor_cisco
CVE-2002-1491 Cisco VPN 5000 Client Multiple Vulnerabilities
CVE-2002-1491: Cisco VPN 5000 Client Multiple Vulnerabilities
Multiple vulnerabilities exist in the Cisco Virtual Private Network (VPN) 5000 Client software. These vulnerabilities are documented as Cisco bug ID CSCdx17109 and CSCdy20065. There are some
Bug IDs: CSCdx17109, CSCdy20065, CSCdx17109, CSCdy20065, CSCdx17109
GHSA
GHSA-fxjg-ghw7-4rg3: The Cisco VPN 5000 Client for MacOS before 5
ghsa_unreviewed·2022-04-30
CVE-2002-1491 [MEDIUM] GHSA-fxjg-ghw7-4rg3: The Cisco VPN 5000 Client for MacOS before 5
The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtmlhttp://www.iss.net/security_center/static/10129.phphttp://www.osvdb.org/7041http://www.securityfocus.com/bid/5736http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtmlhttp://www.iss.net/security_center/static/10129.phphttp://www.osvdb.org/7041http://www.securityfocus.com/bid/5736
2003-04-02
Published