CVE-2002-1096

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.

Affected Software

Name	Vendor	Start Version	End Version
Vpn_3000_concentrator_series_software	Cisco	2.0 (including)	2.0 (including)
Vpn_3000_concentrator_series_software	Cisco	2.5.2.a (including)	2.5.2.a (including)
Vpn_3000_concentrator_series_software	Cisco	2.5.2.b (including)	2.5.2.b (including)
Vpn_3000_concentrator_series_software	Cisco	2.5.2.c (including)	2.5.2.c (including)
Vpn_3000_concentrator_series_software	Cisco	2.5.2.d (including)	2.5.2.d (including)
Vpn_3000_concentrator_series_software	Cisco	2.5.2.f (including)	2.5.2.f (including)
Vpn_3000_concentrator_series_software	Cisco	3.0 (including)	3.0 (including)
Vpn_3000_concentrator_series_software	Cisco	3.0(rel) (including)	3.0(rel) (including)
Vpn_3000_concentrator_series_software	Cisco	3.0.3.a (including)	3.0.3.a (including)
Vpn_3000_concentrator_series_software	Cisco	3.0.3.b (including)	3.0.3.b (including)
Vpn_3000_concentrator_series_software	Cisco	3.0.4 (including)	3.0.4 (including)
Vpn_3000_concentrator_series_software	Cisco	3.1 (including)	3.1 (including)
Vpn_3000_concentrator_series_software	Cisco	3.1(rel) (including)	3.1(rel) (including)
Vpn_3000_concentrator_series_software	Cisco	3.1.1 (including)	3.1.1 (including)
Vpn_3000_concentrator_series_software	Cisco	3.1.2 (including)	3.1.2 (including)
Vpn_3000_concentrator_series_software	Cisco	3.5(rel) (including)	3.5(rel) (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1096
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References