What is the severity of CVE-2001-0427?

CVE-2001-0427 is considered a denial of service vulnerability that can disrupt availability by allowing remote attackers to flood the system with invalid login requests.

How do I fix CVE-2001-0427?

To mitigate CVE-2001-0427, it is recommended to upgrade to Cisco VPN 3000 series concentrators firmware version 2.5.2(F) or later.

What products are affected by CVE-2001-0427?

CVE-2001-0427 affects several models of Cisco VPN 3000 series concentrators including the 3015, 3060, 3000, 3005, 3030, and 3080.

Can CVE-2001-0427 be exploited internally?

Yes, CVE-2001-0427 can be exploited by internal attackers if they can send a flood of invalid login requests to the vulnerable services.

Is CVE-2001-0427 a patchable vulnerability?

Yes, CVE-2001-0427 can be mitigated by applying the recommended firmware updates provided by Cisco.

Vulnerability/
CVE-2001-0427

high

7.1

CWE

18/6/2001

18/9/2001

8/8/2024

CVE-2001-0427: Input Validation

First published: Mon Jun 18 2001(Updated: )

Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Cisco VPN 3015 Concentrator
Cisco VPN 3060 Concentrator
Cisco VPN 3000 concentrator series software
Cisco VPN 3005 Concentrator
Cisco VPN 3030 Concentrator
Cisco VPN 3080 Concentrator

Remedy

http://www.cisco.com/warp/public/707/vpn3k-telnet-vuln-pub.shtml

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2001-0427?
CVE-2001-0427 is considered a denial of service vulnerability that can disrupt availability by allowing remote attackers to flood the system with invalid login requests.
How do I fix CVE-2001-0427?
To mitigate CVE-2001-0427, it is recommended to upgrade to Cisco VPN 3000 series concentrators firmware version 2.5.2(F) or later.
What products are affected by CVE-2001-0427?
CVE-2001-0427 affects several models of Cisco VPN 3000 series concentrators including the 3015, 3060, 3000, 3005, 3030, and 3080.
Can CVE-2001-0427 be exploited internally?
Yes, CVE-2001-0427 can be exploited by internal attackers if they can send a flood of invalid login requests to the vulnerable services.
Is CVE-2001-0427 a patchable vulnerability?
Yes, CVE-2001-0427 can be mitigated by applying the recommended firmware updates provided by Cisco.

agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/remedy
agent/severity
agent/weakness
agent/references
agent/author
agent/event
agent/description
agent/source
agent/tags
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cisco
canonical/cisco vpn 3015 concentrator
canonical/cisco vpn 3060 concentrator
canonical/cisco vpn 3000 concentrator series software
canonical/cisco vpn 3005 concentrator
canonical/cisco vpn 3030 concentrator
canonical/cisco vpn 3080 concentrator

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.