fkie_nvd - fkie_cve-2002-1107

fkie_cve-2002-1107

Vulnerability from fkie_nvd

Published

2002-10-04 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.

References

URL	Tags
cve@mitre.org	http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/5653	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/5653	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/10046

Impacted products

Vendor	Product	Version
cisco	vpn_client	2.0
cisco	vpn_client	3.0
cisco	vpn_client	3.0.5
cisco	vpn_client	3.1
cisco	vpn_client	3.5.1
cisco	vpn_client	3.5.1
cisco	vpn_client	3.5.1
cisco	vpn_client	3.5.1
cisco	vpn_client	3.5.1c
cisco	vpn_client	3.5.2
cisco	vpn_client	3.5.2
cisco	vpn_client	3.5.2
cisco	vpn_client	3.5.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:2.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "398B68C7-C1DB-4A62-B0A2-89C917768E58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "20C66C87-1367-4440-A2C2-E6B657DA2743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.0.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "D4BFB291-672C-437E-BBF4-B00D89C11EA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "4A270D7C-ACBC-41A4-A606-8A4F35894E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "2BD00D0A-EB6E-41AA-851D-9DD258E23BEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "3FB66EB9-9FE9-4B13-9E5F-E9DEDCD0E3C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "88EB557F-33CD-40FE-B470-04F93CB2F3E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "59938F7D-5F64-4FC0-A5B2-C798AF297130",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1c:*:windows:*:*:*:*:*",
              "matchCriteriaId": "76060A99-ED0C-4125-B67E-FA8E4F57AAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "F2EEB23E-4592-49A1-BDC6-110580340AAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:mac_os_x:*:*:*:*:*",
              "matchCriteriaId": "D548CEFE-1970-42D3-9039-196A3B5F5D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "2D4BDB9B-99D8-42B7-8D57-2B57029220F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "2288FB91-4607-417D-8658-E1B8090BE40A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing."
    }
  ],
  "id": "CVE-2002-1107",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-10-04T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5653"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/5653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10046"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2002-1107 (GCVE-0-2002-1107)

Vulnerability from cvelistv5

Published

2004-09-01 04:00