CVE-2002-1097

medium

Description

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.

References

http://www.securityfocus.com/bid/5612

http://www.iss.net/security_center/static/10022.php

http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml

Details

Source: Mitre, NVD

Published: 2002-10-04

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Severity: Medium