2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2002-0852" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2002-09-05T04:00:00.000" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-20T23:40:01.867" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads."
} ,
{
"lang" : "es" ,
"value" : "Desbordamiento de b\u00fafer en Cliente de Red Privada Virtual (VPN) de Cisco 3.5.4 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio mediante\r\nun Intecambio de Clave de Intenet (Internet Key Exchange - IKE) con un contenido \u00fatil (payload) de una \u00cdndice de Par\u00e1metro de Seguridad (Security Parameter Index - SQI) largo, o\r\nun paquete IKE con un n\u00famero grande de contenidos \u00fatiles v\u00e1lidos."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-Other"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.1:*:linux:*:*:*:*:*" ,
"matchCriteriaId" : "2BD00D0A-EB6E-41AA-851D-9DD258E23BEA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.1:*:mac_os_x:*:*:*:*:*" ,
"matchCriteriaId" : "3FB66EB9-9FE9-4B13-9E5F-E9DEDCD0E3C3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.1:*:solaris:*:*:*:*:*" ,
"matchCriteriaId" : "88EB557F-33CD-40FE-B470-04F93CB2F3E3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.1:*:windows:*:*:*:*:*" ,
"matchCriteriaId" : "59938F7D-5F64-4FC0-A5B2-C798AF297130"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.2:*:linux:*:*:*:*:*" ,
"matchCriteriaId" : "F2EEB23E-4592-49A1-BDC6-110580340AAD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.2:*:mac_os_x:*:*:*:*:*" ,
"matchCriteriaId" : "D548CEFE-1970-42D3-9039-196A3B5F5D0B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.2:*:solaris:*:*:*:*:*" ,
"matchCriteriaId" : "2D4BDB9B-99D8-42B7-8D57-2B57029220F1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:cisco:vpn_client:3.5.2:*:windows:*:*:*:*:*" ,
"matchCriteriaId" : "2288FB91-4607-417D-8658-E1B8090BE40A"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
