CVE-2003-1004

CWE-3994 documents4 sources
Severity
5.0MEDIUM
EPSS
0.7%
top 29.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco PIX FirewallCisco PIX Firewall Software
Timeline
PublishedJan 5
Latest updateApr 29

Description

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDcisco/pix_firewall6.2.2_.111
NVDcisco/pix_firewall_software5 versions+4

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-hcm5-h4f2-jg39: Cisco PIX firewall 62022-04-29
CVEList
CVE-2003-1004: Cisco PIX firewall 62003-12-17

📋Vendor Advisories

1
Cisco
Cisco PIX Vulnerabilities2003-12-16
CVE-2003-1004 (MEDIUM CVSS 5) | Cisco PIX firewall 6.2.x through 6. | cvebase.io