Vulnerability Description
Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Vpn Client | 2.0 |
References
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtmlVendor Advisory
- http://www.securityfocus.com/bid/5653Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
- http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtmlVendor Advisory
- http://www.securityfocus.com/bid/5653Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
FAQ
What is CVE-2002-1107?
CVE-2002-1107 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
How severe is CVE-2002-1107?
CVE-2002-1107 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1107?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Vpn Client.