Lucene search
MitreCVE-2003-0258HistoryMay 27, 2003 - 4:00 a.m.
CVE-2003-0258
2003-05-2704:00:00
mitre
web.nvd.nist.gov
31
cisco
vpn
cisco vpn 3000
concentrators
hardware client
ipsec
tcp
vulnerability
authentication
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.008
Percentile
81.4%
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.
Affected configurations
Node
ciscovpn_3015_concentrator
ORciscovpn_3030_concentator
ORciscovpn_3060_concentrator
ORciscovpn_3080_concentrator
ORciscovpn_3000_concentrator_series_softwareMatch3.5\(rel\)
ORciscovpn_3000_concentrator_series_softwareMatch3.5.1
ORciscovpn_3000_concentrator_series_softwareMatch3.5.2
ORciscovpn_3000_concentrator_series_softwareMatch3.5.3
ORciscovpn_3000_concentrator_series_softwareMatch3.5.4
ORciscovpn_3000_concentrator_series_softwareMatch3.5.5
ORciscovpn_3000_concentrator_series_softwareMatch3.6
ORciscovpn_3000_concentrator_series_softwareMatch3.6.1
ORciscovpn_3000_concentrator_series_softwareMatch3.6.3
ORciscovpn_3000_concentrator_series_softwareMatch3.6.5
ORciscovpn_3000_concentrator_series_softwareMatch3.6.7
ORciscovpn_3000_concentrator_series_softwareMatch3.6.7.a
ORciscovpn_3000_concentrator_series_softwareMatch3.6.7.b
ORciscovpn_3000_concentrator_series_softwareMatch3.6.7.c
ORciscovpn_3000_concentrator_series_softwareMatch3.6.7.d
ORciscovpn_3000_concentrator_series_softwareMatch3.6.7d
ORciscovpn_3000_concentrator_series_softwareMatch4.0
ORciscovpn_3005_concentrator_softwareMatch4.0.1
ciscovpn_3002_hardware_client
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | vpn_3015_concentrator | * | cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:* |
| cisco | vpn_3030_concentator | * | cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:* |
| cisco | vpn_3060_concentrator | * | cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:* |
| cisco | vpn_3080_concentrator | * | cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:* |
| cisco | vpn_3000_concentrator_series_software | 3.5(rel) | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\(rel\):*:*:*:*:*:*:* |
| cisco | vpn_3000_concentrator_series_software | 3.5.1 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:* |
| cisco | vpn_3000_concentrator_series_software | 3.5.2 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:* |
| cisco | vpn_3000_concentrator_series_software | 3.5.3 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:* |
| cisco | vpn_3000_concentrator_series_software | 3.5.4 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:* |
| cisco | vpn_3000_concentrator_series_software | 3.5.5 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2003-0258
2003-05-08 04:00:00
cert
cert
nvd
nvd
CVE-2003-0258
2003-05-27 04:00:00
cisco
cisco
Cisco VPN 3000 Concentrator Vulnerabilities
2003-05-07 16:00:00
nessus
nessus
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.008
Percentile
81.4%
Related for CVE-2003-0258