ID

VAR-199912-0022


CVE

CVE-1999-1100


TITLE

Cisco PIX Private Link Profile Encryption Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199912-127

DESCRIPTION

Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack. Cisco Pix Private Link is prone to a remote security vulnerability. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks

Trust: 1.26

sources: NVD: CVE-1999-1100 // BID: 87029 // VULHUB: VHN-1081

AFFECTED PRODUCTS

vendor:ciscomodel:pix private linkscope:lteversion:4.1\(6\)

Trust: 1.0

vendor:ciscomodel:pix private linkscope:eqversion:4.1\(6\)

Trust: 0.6

sources: CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1100
value: HIGH

Trust: 1.0

CNNVD: CNNVD-199912-127
value: HIGH

Trust: 0.6

VULHUB: VHN-1081
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-1100
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-1081
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1081 // CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1100

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199912-127

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199912-127

EXTERNAL IDS

db:NVDid:CVE-1999-1100

Trust: 2.0

db:XFid:1579

Trust: 0.9

db:CNNVDid:CNNVD-199912-127

Trust: 0.7

db:CIACid:I-056

Trust: 0.6

db:CISCOid:19980616 PIX PRIVATE LINK KEY PROCESSING AND CRYPTOGRAPHY ISSUES

Trust: 0.6

db:BIDid:87029

Trust: 0.4

db:VULHUBid:VHN-1081

Trust: 0.1

sources: VULHUB: VHN-1081 // BID: 87029 // CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

REFERENCES

url:http://ciac.llnl.gov/ciac/bulletins/i-056.shtml

Trust: 3.0

url:http://www.cisco.com/warp/public/770/pixkey-pub.shtml

Trust: 3.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/1579

Trust: 2.1

url:http://xforce.iss.net/static/1579.php

Trust: 0.9

sources: VULHUB: VHN-1081 // BID: 87029 // CNNVD: CNNVD-199912-127 // NVD: CVE-1999-1100

CREDITS

Unknown

Trust: 0.3

sources: BID: 87029

SOURCES

db:VULHUBid:VHN-1081
db:BIDid:87029
db:CNNVDid:CNNVD-199912-127
db:NVDid:CVE-1999-1100

LAST UPDATE DATE

2024-11-22T23:08:33.674000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1081date:2017-10-10T00:00:00
db:BIDid:87029date:1999-12-31T00:00:00
db:CNNVDid:CNNVD-199912-127date:2005-05-02T00:00:00
db:NVDid:CVE-1999-1100date:2024-11-20T23:30:18.157

SOURCES RELEASE DATE

db:VULHUBid:VHN-1081date:1999-12-31T00:00:00
db:BIDid:87029date:1999-12-31T00:00:00
db:CNNVDid:CNNVD-199912-127date:1999-12-31T00:00:00
db:NVDid:CVE-1999-1100date:1999-12-31T05:00:00