Cisco VPN 3000 Concentrator Vulnerabilities

cisco-sa-20030507-vpn3k · NA · Published 23 years ago · Updated 23 years ago

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

This advisory documents vulnerabilities for the Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client. These vulnerabilities are documented as Cisco bug ID CSCea77143 (IPSec over TCP), CSCdz15393 (SSH), and CSCdt84906 (ICMP). There are workarounds available to mitigate the effects of these vulnerabilities. Upgrading to the latest version of code for the Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client, version 4.0.1 and 3.6.7F, would protect against all of these documented vulnerabilities. This advisory will be posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20030507-vpn3k .

Cisco advisory ·CSAF JSON

Workarounds

No workaround information imported yet.

CVEs	CVE-2003-0258, CVE-2003-0259, CVE-2003-0260
Cisco Bug IDs	NA
CVSS Score	Base NA

Products with public affected evidence

Product	CVE	Affected evidence
Cisco VPN 3000 Series Concentrator	CVE-2003-0258	structured affected CSAF product_status
Cisco VPN 3002 Hardware Client	CVE-2003-0258	structured affected CSAF product_status
Cisco VPN 3000 Series Concentrator	CVE-2003-0260	structured affected CSAF product_status
Cisco VPN 3002 Hardware Client	CVE-2003-0260	structured affected CSAF product_status
Cisco VPN 3000 Series Concentrator	CVE-2003-0259	structured affected CSAF product_status
Cisco VPN 3002 Hardware Client	CVE-2003-0259	structured affected CSAF product_status