Man-in-the-Middle Vulnerability in Cisco VPN Client Software
CVE-2002-1106

Currently unrated

Key Information:

Vendor

Cisco
Status
Vpn Client
Vendor
CVE Published:
4 October 2002

What is CVE-2002-1106?

The Cisco VPN Client software versions 2.x.x and 3.x prior to 3.5.1C contains a vulnerability due to inadequate validation of certificate Distinguished Name (DN) fields against those from the VPN Concentrator. This flaw enables remote attackers to potentially execute man-in-the-middle attacks, compromising the security of communications over the VPN by intercepting and altering data traffic without detection.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.cisco.com/warp/public/707/vpnclient-multiple2-...
vendor-advisoryx_refsource_CISCO
https://exchange.xforce.ibmcloud.com/vulnerabilities/10045
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/5652
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.