CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
82.0%
The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | vpn_3000_concentrator_series_software | 2.0 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 2.5.2.a | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 2.5.2.b | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 2.5.2.c | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 2.5.2.d | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 2.5.2.f | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.0 | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.0(rel) | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0\(rel\):*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.0.3.a | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:* |
cisco | vpn_3000_concentrator_series_software | 3.0.3.b | cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:* |