Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-2025

Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.

Published

2005-06-20T04:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Hardware cisco vpn_3000_concentrator * Yes
Hardware cisco vpn_3015_concentrator * Yes
Hardware cisco vpn_3020_concentrator * Yes
Hardware cisco vpn_3030_concentator * Yes
Hardware cisco vpn_3060_concentrator * Yes
Hardware cisco vpn_3080_concentrator * Yes
Operating System cisco vpn_3000_concentrator_series_software 2.0 Yes
Operating System cisco vpn_3000_concentrator_series_software 2.5.2.a Yes
Operating System cisco vpn_3000_concentrator_series_software 2.5.2.b Yes
Operating System cisco vpn_3000_concentrator_series_software 2.5.2.c Yes
Operating System cisco vpn_3000_concentrator_series_software 2.5.2.d Yes
Operating System cisco vpn_3000_concentrator_series_software 2.5.2.f Yes
Operating System cisco vpn_3000_concentrator_series_software 3.0 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.0.3.a Yes
Operating System cisco vpn_3000_concentrator_series_software 3.0.3.b Yes
Operating System cisco vpn_3000_concentrator_series_software 3.0.4 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.1\(rel\) Yes
Operating System cisco vpn_3000_concentrator_series_software 3.1.1 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.1.2 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.1.4 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.5\(rel\) Yes
Operating System cisco vpn_3000_concentrator_series_software 3.5.1 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.5.2 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.5.3 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.5.4 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.5.5 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.1 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.3 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.5 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.7 Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.7.a Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.7.b Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.7.c Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.7.d Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.7.f Yes
Operating System cisco vpn_3000_concentrator_series_software 3.6.7d Yes
Operating System cisco vpn_3000_concentrator_series_software 4.0 Yes
Operating System cisco vpn_3000_concentrator_series_software 4.0.1 Yes
Operating System cisco vpn_3000_concentrator_series_software 4.0.5.b Yes
Operating System cisco vpn_3000_concentrator_series_software 4.1 Yes
Operating System cisco vpn_3000_concentrator_series_software 4.1.5.b Yes
Operating System cisco vpn_3000_concentrator_series_software 4.1.7.a Yes
Operating System cisco vpn_3000_concentrator_series_software 4.1.7.b Yes
Operating System cisco vpn_3005_concentrator_software 4.0.1 Yes
References