CVE-2002-1098 in VPN 3000 Concentratorinformazioni

Riassunto

di MITRE

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgazione

04/10/2002

Moderazione

accettato

Voce

VDB-19010

CPE

pronto

CWE

CWE-269 (confermato)

CVSS

7.3 (VulDB)

EPSS

0.01317

KEV

Attività

molto basso

Settore

Hospital, Police, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1098
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1098
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1098/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!