|
Vulnerability Report: Cisco VPN 3000 Concentrator
|
This vulnerability report for Cisco VPN 3000 Concentrator contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.
If you have information about a new or an existing vulnerability in Cisco VPN 3000 Concentrator then you are more than welcome to contact us.
|
|
|
|
|
Vendor, Links, and Unpatched Vulnerabilities
| Vendor |
Cisco
|
|
|
Product Link
|
N/A
|
|
|
Affected By
|
11 Secunia advisories
9 Vulnerabilities
|
|
|
Monitor Product
|
Receive alerts for this product
|
|
|
Unpatched
|
9% (1 of 11 Secunia advisories)
|
|
Most Critical Unpatched
The most severe unpatched Secunia advisory affecting Cisco VPN 3000 Concentrator, with all vendor patches applied, is rated Less critical  .
|
|
|
|
|
|
11 Secunia Advisories in 2003-2009
|
Secunia has issued a total of 11 Secunia advisories in 2003-2009 for Cisco VPN 3000 Concentrator. Currently, 9% (1 out of 11) are marked as unpatched with the most severe being rated Less critical
More information about the specific Secunia advisories affecting Cisco VPN 3000 Concentrator can be found below. Each Secunia advisory is enclosed by a box highlighted with a color representing its current patch status. You can read the complete Secunia advisories for thorough descriptions of the issues covered and for solution suggestions by clicking either the Secunia advisory title or the "Read More" links available for each Secunia advisory.
|
|
|
|
|
|
Release Date:
2006-08-24 |
Secunia Advisory ID:
SA21617 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From local network |
|
Short Description:
Two vulnerabilities have been reported in Cisco VPN 3000 Concentrator, which can be exploited by malicious people to bypass certain security restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2006-06-14 |
Secunia Advisory ID:
SA20644 |
Solution Status:
Unpatched |
|
Criticality:
|
Impact:
Cross Site Scripting
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in Cisco WebVPN, which can be exploited by malicious people to conduct cross-site scripting attacks. [Read More]
|
|
|
|
|
|
Release Date:
2006-01-27 |
Secunia Advisory ID:
SA18629 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
DoS
|
Where:
From remote |
|
Short Description:
Two vulnerabilities have been reported in Cisco VPN 3000 Concentrator, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2006-01-03 |
Secunia Advisory ID:
SA18141 |
Solution Status:
Partial Fix |
|
Criticality:
|
Impact:
Security Bypass
|
Where:
From local network |
|
Short Description:
ovt has reported a vulnerability in Cisco Secure ACS (Access Control Server), which potentially can be exploited by malicious people to bypass certain security restrictions. [Read More]
|
|
|
|
|
|
Release Date:
2005-11-14 |
Secunia Advisory ID:
SA17553 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From remote |
|
Short Description:
A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2005-06-21 |
Secunia Advisory ID:
SA15765 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
Exposure of system information
|
Where:
From remote |
|
Short Description:
A weakness has been reported in certain Cisco products, which can be exploited by malicious people to gain knowledge of certain information. [Read More]
|
|
|
|
|
|
Release Date:
2005-03-31 |
Secunia Advisory ID:
SA14784 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
|
Where:
From local network |
|
Short Description:
A vulnerability has been reported in Cisco VPN Concentrator 3000 Series, which can be exploited by malicious people to cause a DoS (Denial of Service). [Read More]
|
|
|
|
|
|
Release Date:
2004-09-01 |
Secunia Advisory ID:
SA12410 |
Solution Status:
Vendor Patch |
|
Criticality:
 |
Impact:
DoS
System access
|
Where:
From remote |
|
Short Description:
Cisco has acknowledged multiple vulnerabilities in the Kerberos implementation in Cisco VPN Concentrator 3000, where the most critical potentially can be exploited by malicious people to compromise a vulnerable device. [Read More]
|
|
|
|
|
|
Release Date:
2004-04-16 |
Secunia Advisory ID:
SA11387 |
Solution Status:
Vendor Workaround |
|
Criticality:
|
Impact:
Exposure of sensitive information
|
Where:
Local system |
|
Short Description:
Two security issues have been reported in the Cisco's IPsec VPN implementation, which can be exploited by malicious, local users to gain knowledge of sensitive information. [Read More]
|
|
|
|
|
|
Release Date:
2003-05-08 |
Secunia Advisory ID:
SA8746 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
Security Bypass
DoS
|
Where:
From remote |
|
Short Description:
Cisco has released a security bulletin describing three vulnerabilities in VPN 3000 Concentrator. These allow malicious people to access internal hosts or cause a Denial of Service. [Read More]
|
|
|
|
|
|
Release Date:
2002-09-03 |
Secunia Advisory ID:
SA7064 |
Solution Status:
Vendor Patch |
|
Criticality:
|
Impact:
DoS
Exposure of sensitive information
Exposure of system information
|
Where:
From remote |
|
Short Description:
The Cisco VPN 3000 Concentrator series and Cisco VPN 3002 Hardware Client are vulnerable to many different attacks, ranging from DoS attack, exposing too much system information, revealing passwords to low privileged admin accounts, access to admin pages to non authenticated users, insufficient filtering of certain traffic. [Read More]
|
|
|
