Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Vpn_3000_concentrator_series_software | Cisco | 2.0 | 2.0 |
Vpn_3000_concentrator_series_software | Cisco | 2.5.2.a | 2.5.2.a |
Vpn_3000_concentrator_series_software | Cisco | 2.5.2.b | 2.5.2.b |
Vpn_3000_concentrator_series_software | Cisco | 2.5.2.c | 2.5.2.c |
Vpn_3000_concentrator_series_software | Cisco | 2.5.2.d | 2.5.2.d |
Vpn_3000_concentrator_series_software | Cisco | 2.5.2.f | 2.5.2.f |
Vpn_3000_concentrator_series_software | Cisco | 3.0 | 3.0 |
Vpn_3000_concentrator_series_software | Cisco | 3.0(rel) | 3.0(rel) |
Vpn_3000_concentrator_series_software | Cisco | 3.0.3.a | 3.0.3.a |
Vpn_3000_concentrator_series_software | Cisco | 3.0.3.b | 3.0.3.b |
Vpn_3000_concentrator_series_software | Cisco | 3.0.4 | 3.0.4 |
Vpn_3000_concentrator_series_software | Cisco | 3.1 | 3.1 |
Vpn_3000_concentrator_series_software | Cisco | 3.1(rel) | 3.1(rel) |
Vpn_3000_concentrator_series_software | Cisco | 3.1.1 | 3.1.1 |
Vpn_3000_concentrator_series_software | Cisco | 3.1.2 | 3.1.2 |
Vpn_3000_concentrator_series_software | Cisco | 3.1.4 | 3.1.4 |
Vpn_3000_concentrator_series_software | Cisco | 3.5(rel) | 3.5(rel) |
Vpn_3000_concentrator_series_software | Cisco | 3.5.1 | 3.5.1 |
Vpn_3000_concentrator_series_software | Cisco | 3.5.2 | 3.5.2 |