Page 4 of 20 results (0.003 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication. • http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml http://www.securityfocus.com/bid/5613 https://exchange.xforce.ibmcloud.com/vulnerabilities/10017 •

CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 0

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface. • http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml http://www.iss.net/security_center/static/10025.php http://www.securityfocus.com/bid/5617 •

CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 0

Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request. • http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml http://www.iss.net/security_center/static/10020.php http://www.securityfocus.com/bid/5621 http://www.securityfocus.com/bid/5623 http://www.securityfocus.com/bid/5624 •

CVSS: 5.0EPSS: 0%CPEs: 23EXPL: 0

Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets. • http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml http://www.kb.cert.org/vuls/id/761651 •

CVSS: 5.0EPSS: 0%CPEs: 23EXPL: 1

Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name. • https://www.exploit-db.com/exploits/21770 http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml •