CVE-2002-1105 — MEDIUM (4.6)

Vulnerability Description

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Cisco	Vpn Client	2.0

References

http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtmlVendor Advisory
http://www.securityfocus.com/bid/5650
https://exchange.xforce.ibmcloud.com/vulnerabilities/10044
http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtmlVendor Advisory
http://www.securityfocus.com/bid/5650
https://exchange.xforce.ibmcloud.com/vulnerabilities/10044

FAQ

What is CVE-2002-1105?

CVE-2002-1105 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.

How severe is CVE-2002-1105?

CVE-2002-1105 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-1105?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Vpn Client.