Details of VAR-199912-0022

ID

VAR-199912-0022

CVE

CVE-1999-1100

TITLE

Cisco PIX Private Link Profile Encryption Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199912-127

DESCRIPTION

Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. Cisco Pix Private Link is prone to a remote security vulnerability. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks

Trust: 1.26

sources: NVD: CVE-1999-1100 // BID: 87029 // VULHUB: VHN-1081

AFFECTED PRODUCTS

vendor:	cisco	model:	pix private link	scope:	lte	version:	4.1\(6\)	Trust: 1.0
vendor:	cisco	model:	pix private link	scope:	eq	version:	4.1\(6\)	Trust: 0.6

sources: CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-1999-1100
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-199912-127
value:	HIGH
Trust: 0.6
VULHUB:	VHN-1081
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-1999-1100
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-1081
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-1081 // CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1100

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199912-127

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199912-127

EXTERNAL IDS

db:	NVD	id:	CVE-1999-1100	Trust: 2.0
db:	XF	id:	1579	Trust: 0.9
db:	CNNVD	id:	CNNVD-199912-127	Trust: 0.7
db:	CIAC	id:	I-056	Trust: 0.6
db:	CISCO	id:	19980616 PIX PRIVATE LINK KEY PROCESSING AND CRYPTOGRAPHY ISSUES	Trust: 0.6
db:	BID	id:	87029	Trust: 0.4
db:	VULHUB	id:	VHN-1081	Trust: 0.1

sources: VULHUB: VHN-1081 // BID: 87029 // CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

REFERENCES

url:	http://ciac.llnl.gov/ciac/bulletins/i-056.shtml	Trust: 2.0
url:	http://www.cisco.com/warp/public/770/pixkey-pub.shtml	Trust: 2.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/1579	Trust: 1.1
url:	http://xforce.iss.net/static/1579.php	Trust: 0.9

sources: VULHUB: VHN-1081 // BID: 87029 // CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

CREDITS

Unknown

Trust: 0.3

sources: BID: 87029

SOURCES

db:	VULHUB	id:	VHN-1081
db:	BID	id:	87029
db:	CNNVD	id:	CNNVD-199912-127
db:	NVD	id:	CVE-1999-1100

LAST UPDATE DATE

2024-08-14T14:09:17.717000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-1081	date:	2017-10-10T00:00:00
db:	BID	id:	87029	date:	1999-12-31T00:00:00
db:	CNNVD	id:	CNNVD-199912-127	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-1999-1100	date:	2017-10-10T01:29:02.107

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-1081	date:	1999-12-31T00:00:00
db:	BID	id:	87029	date:	1999-12-31T00:00:00
db:	CNNVD	id:	CNNVD-199912-127	date:	1999-12-31T00:00:00
db:	NVD	id:	CVE-1999-1100	date:	1999-12-31T05:00:00