Vulnerability Description
Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session and repeatedly replaying the session.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sygate Technologies | Secure Enterprise | <= 3.5mr3 |
References
- http://marc.info/?l=bugtraq&m=109215685731675&w=2
- http://www.corsaire.com/advisories/c031120-002.txtPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16945
- http://marc.info/?l=bugtraq&m=109215685731675&w=2
- http://www.corsaire.com/advisories/c031120-002.txtPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16945
FAQ
What is CVE-2004-0163?
CVE-2004-0163 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Sygate Secure Enterprise (SSE) 3.5MR3 and earlier does not change the key used to encrypt data, which allows remote attackers to cause a denial of service (resource exhaustion) by capturing a session ...
How severe is CVE-2004-0163?
CVE-2004-0163 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0163?
Check the references section above for vendor advisories and patch information. Affected products include: Sygate Technologies Secure Enterprise.