Details of VAR-200210-0269

ID

VAR-200210-0269

CVE

CVE-2002-1098

TITLE

Cisco VPN 3000 Series Concentrator XML Filter Configuring an error access vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200210-186

DESCRIPTION

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator. Cisco VPN 3000 series concentrators are prone to an issue with XML filters which may inadvertently allow unauthorized network access to occur. This issue occurs when XML filters have been enabled on the public interface of the device. The vulnerable concentrator checks the destination port only when the value for the protocol is set to "TCP" or "UDP". Since the protocol is mistakenly set to "ANY", this will allow network connections using any protocol to an arbitrary port to occur through the concentrator. Cisco VPN 3000 Concentrator 2.2.x before 3.5.3, and 3.x versions have vulnerabilities

Trust: 1.26

sources: NVD: CVE-2002-1098 // BID: 5614 // VULHUB: VHN-5486

AFFECTED PRODUCTS

vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30002.5.2	Trust: 1.5
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.0	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.3.b	Trust: 1.0
vendor:	cisco	model:	vpn 3002 hardware client	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.4	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0\(rel\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.3.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.c	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.d	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.2	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.4	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5\(rel\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.f	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1\(rel\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.2	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0	Trust: 1.0
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0.3	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.1	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.1.1	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.1.2	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.1\(rel\)	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.1.4	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.5\(rel\)	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.5.1	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.5.2	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.0.3.b	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	3.0.4	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.6	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.5.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.2	Trust: 0.3
vendor:	cisco	model:	vpn hardware client	scope:	eq	version:	3002	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30002.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30003.6.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.1	Trust: 0.3

sources: BID: 5614 // CNNVD: CNNVD-200210-186 // NVD: CVE-2002-1098

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2002-1098
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200210-186
value:	HIGH
Trust: 0.6
VULHUB:	VHN-5486
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2002-1098
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-5486
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-5486 // CNNVD: CNNVD-200210-186 // NVD: CVE-2002-1098

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1098

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200210-186

TYPE

Design Error

Trust: 0.9

sources: BID: 5614 // CNNVD: CNNVD-200210-186

EXTERNAL IDS

db:	NVD	id:	CVE-2002-1098	Trust: 2.0
db:	BID	id:	5614	Trust: 2.0
db:	CNNVD	id:	CNNVD-200210-186	Trust: 0.7
db:	XF	id:	10023	Trust: 0.6
db:	CISCO	id:	20020903 CISCO VPN 3000 CONCENTRATOR MULTIPLE VULNERABILITIES	Trust: 0.6
db:	VULHUB	id:	VHN-5486	Trust: 0.1

sources: VULHUB: VHN-5486 // BID: 5614 // CNNVD: CNNVD-200210-186 // NVD: CVE-2002-1098

REFERENCES

url:	http://www.securityfocus.com/bid/5614	Trust: 1.7
url:	http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml	Trust: 1.7
url:	http://www.iss.net/security_center/static/10023.php	Trust: 1.7

sources: VULHUB: VHN-5486 // CNNVD: CNNVD-200210-186 // NVD: CVE-2002-1098

CREDITS

Vulnerability announced in a Cisco Security Advisory.

Trust: 0.9

sources: BID: 5614 // CNNVD: CNNVD-200210-186

SOURCES

db:	VULHUB	id:	VHN-5486
db:	BID	id:	5614
db:	CNNVD	id:	CNNVD-200210-186
db:	NVD	id:	CVE-2002-1098

LAST UPDATE DATE

2024-08-14T14:16:15.785000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-5486	date:	2018-10-30T00:00:00
db:	BID	id:	5614	date:	2009-07-11T15:56:00
db:	CNNVD	id:	CNNVD-200210-186	date:	2005-10-12T00:00:00
db:	NVD	id:	CVE-2002-1098	date:	2018-10-30T16:26:19.107

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-5486	date:	2002-10-04T00:00:00
db:	BID	id:	5614	date:	2002-09-03T00:00:00
db:	CNNVD	id:	CNNVD-200210-186	date:	2002-10-04T00:00:00
db:	NVD	id:	CVE-2002-1098	date:	2002-10-04T04:00:00