5

CVE-2005-2025

Exploit

EPSS 0.5%
Veröffentlicht 20.06.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Vpn 3000 Concentrator

Cisco ≫ Vpn 3015 Concentrator

Cisco ≫ Vpn 3020 Concentrator

Cisco ≫ Vpn 3030 Concentator

Cisco ≫ Vpn 3060 Concentrator

Cisco ≫ Vpn 3080 Concentrator

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.0

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.c

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.d

Cisco ≫ Vpn 3000 Concentrator Series Software Version2.5.2.f

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0.3.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0.3.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.0.4

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.1.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.1.2

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.1.4

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.2

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.3

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.4

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.5.5

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.3

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.5

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.c

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.d

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7.f

Cisco ≫ Vpn 3000 Concentrator Series Software Version3.6.7d

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.0

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.0.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.0.5.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1.5.b

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1.7.a

Cisco ≫ Vpn 3000 Concentrator Series Software Version4.1.7.b

Cisco ≫ Vpn 3005 Concentrator Software Version4.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.5%	0.649

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.nta-monitor.com/news/vpn-flaws/cisco/VPN-Concentrator/index.htm

Patch

Vendor Advisory

Exploit

http://www.securityfocus.com/bid/13992

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2005/0822

https://nvd.nist.gov/vuln/detail/CVE-2005-2025

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-2025

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-2025

EUVD