What is the severity of CVE-2002-1103?

CVE-2002-1103 is classified as a high-severity vulnerability due to its potential to cause a denial of service.

Which systems are affected by CVE-2002-1103?

CVE-2002-1103 affects Cisco VPN 3000 Concentrator versions 2.2.x, 3.6(Rel), and earlier versions of 3.x before 3.5.5.

How can I fix CVE-2002-1103?

To mitigate CVE-2002-1103, it is recommended to update the Cisco VPN 3000 Concentrator to the latest available software version.

What type of attack does CVE-2002-1103 enable?

CVE-2002-1103 allows remote attackers to conduct a denial of service attack through malformed or large ISAKMP packets.

Is there a workaround for CVE-2002-1103?

While there are no official workarounds for CVE-2002-1103, limiting access to the affected systems may reduce exposure to potential attacks.

Vulnerability/
CVE-2002-1103

medium

CWE

NVD-CWE-Other

10/9/2002

8/8/2024

CVE-2002-1103

First published: Tue Sep 10 2002(Updated: )

Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Cisco VPN 3000 concentrator series software	=2.0
Cisco VPN 3000 concentrator series software	=2.5.2.a
Cisco VPN 3000 concentrator series software	=2.5.2.b
Cisco VPN 3000 concentrator series software	=2.5.2.c
Cisco VPN 3000 concentrator series software	=2.5.2.d
Cisco VPN 3000 concentrator series software	=2.5.2.f
Cisco VPN 3000 concentrator series software	=3.0
Cisco VPN 3000 concentrator series software	=3.0\(rel\)
Cisco VPN 3000 concentrator series software	=3.0.3.a
Cisco VPN 3000 concentrator series software	=3.0.3.b
Cisco VPN 3000 concentrator series software	=3.0.4
Cisco VPN 3000 concentrator series software	=3.1
Cisco VPN 3000 concentrator series software	=3.1\(rel\)
Cisco VPN 3000 concentrator series software	=3.1.1
Cisco VPN 3000 concentrator series software	=3.1.2
Cisco VPN 3000 concentrator series software	=3.1.4
Cisco VPN 3000 concentrator series software	=3.5\(rel\)
Cisco VPN 3000 concentrator series software	=3.5.1
Cisco VPN 3000 concentrator series software	=3.5.2
Cisco VPN 3000 concentrator series software	=3.5.3
Cisco VPN 3000 concentrator series software	=3.5.4
Cisco VPN 3000 concentrator series software	=3.6\(rel\)
Cisco VPN 3002 Hardware Client

Remedy

http://www.kb.cert.org/vuls/id/761651

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-1103?
CVE-2002-1103 is classified as a high-severity vulnerability due to its potential to cause a denial of service.
Which systems are affected by CVE-2002-1103?
CVE-2002-1103 affects Cisco VPN 3000 Concentrator versions 2.2.x, 3.6(Rel), and earlier versions of 3.x before 3.5.5.
How can I fix CVE-2002-1103?
To mitigate CVE-2002-1103, it is recommended to update the Cisco VPN 3000 Concentrator to the latest available software version.
What type of attack does CVE-2002-1103 enable?
CVE-2002-1103 allows remote attackers to conduct a denial of service attack through malformed or large ISAKMP packets.
Is there a workaround for CVE-2002-1103?
While there are no official workarounds for CVE-2002-1103, limiting access to the affected systems may reduce exposure to potential attacks.

collector/nvd-historical
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/last-modified-date
agent/description
agent/remedy
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco vpn 3000 concentrator series software
version/cisco vpn 3000 concentrator series software/2.0
version/cisco vpn 3000 concentrator series software/2.5.2.a
version/cisco vpn 3000 concentrator series software/2.5.2.b
version/cisco vpn 3000 concentrator series software/2.5.2.c
version/cisco vpn 3000 concentrator series software/2.5.2.d
version/cisco vpn 3000 concentrator series software/2.5.2.f
version/cisco vpn 3000 concentrator series software/3.0
version/cisco vpn 3000 concentrator series software/3.0\(rel\)
version/cisco vpn 3000 concentrator series software/3.0.3.a
version/cisco vpn 3000 concentrator series software/3.0.3.b
version/cisco vpn 3000 concentrator series software/3.0.4
version/cisco vpn 3000 concentrator series software/3.1
version/cisco vpn 3000 concentrator series software/3.1\(rel\)
version/cisco vpn 3000 concentrator series software/3.1.1
version/cisco vpn 3000 concentrator series software/3.1.2
version/cisco vpn 3000 concentrator series software/3.1.4
version/cisco vpn 3000 concentrator series software/3.5\(rel\)
version/cisco vpn 3000 concentrator series software/3.5.1
version/cisco vpn 3000 concentrator series software/3.5.2
version/cisco vpn 3000 concentrator series software/3.5.3
version/cisco vpn 3000 concentrator series software/3.5.4
version/cisco vpn 3000 concentrator series software/3.6\(rel\)
canonical/cisco vpn 3002 hardware client