var-200212-0088
Vulnerability from variot
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. By exploiting this issue, a remote attacker can gain access to legitimate users. IP Get the address, PIX * Firewall It is possible to avoid authentication. For this attack to succeed, the attacker must use the pre-shared key required for authentication. (group pre-shared key) Or you need to get a group password.Please refer to the “Overview” for the impact of this vulnerability. PIX is the firewall system/firmware combination distributed and maintained by Cisco Systems. A vulnerability has been discovered in the handling of VPN sessions by PIX firewalls. When processing initial contact notify messages, PIX does not remove duplicate peer-to-peer ISAKMP SAs. When a user establishes a VPN session during peer user authentication, the PIX creates a KSAKMP SA associated with the user and his IP address. If an attacker can prevent a logged-in user from connecting, and use the same IP address as that user to connect to the PIX, the attacker can successfully establish a VPN session through the PIX and gain unauthorized access to the internal network. CISCO designated this vulnerability BUG ID as: CSCdv83490
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0088",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.7,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 1.7,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1\\(2\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(3\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(2\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0\\(1\\)"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.1\\(3\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0\\(1\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0\\(3\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.1\\(3\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.1\\(2\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.0\\(2\\)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.3"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(2)"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"model": "pix firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.2.1"
},
{
"model": "pix firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1.4"
},
{
"model": "pix firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0.4"
}
],
"sources": [
{
"db": "BID",
"id": "6211"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
},
{
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:pix_firewall",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PSIRT\u203b psirt@cisco.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2139",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2139",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6522",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2139",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2002-2139",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-577",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6522",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6522"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
},
{
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user\u0027s VPN session, which allows local users to hijack a session via a man-in-the-middle attack. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. By exploiting this issue, a remote attacker can gain access to legitimate users. IP Get the address, PIX * Firewall It is possible to avoid authentication. For this attack to succeed, the attacker must use the pre-shared key required for authentication. (group pre-shared key) Or you need to get a group password.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. PIX is the firewall system/firmware combination distributed and maintained by Cisco Systems. \nA vulnerability has been discovered in the handling of VPN sessions by PIX firewalls. When processing initial contact notify messages, PIX does not remove duplicate peer-to-peer ISAKMP SAs. When a user establishes a VPN session during peer user authentication, the PIX creates a KSAKMP SA associated with the user and his IP address. If an attacker can prevent a logged-in user from connecting, and use the same IP address as that user to connect to the PIX, the attacker can successfully establish a VPN session through the PIX and gain unauthorized access to the internal network. CISCO designated this vulnerability BUG ID as: CSCdv83490",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2139"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"db": "BID",
"id": "6211"
},
{
"db": "VULHUB",
"id": "VHN-6522"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "6211",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2002-2139",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000284",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200212-577",
"trust": 0.7
},
{
"db": "XF",
"id": "10660",
"trust": 0.6
},
{
"db": "CIAC",
"id": "N-017",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20021120 CISCO PIX MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3872",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6522",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6522"
},
{
"db": "BID",
"id": "6211"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
},
{
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"id": "VAR-200212-0088",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6522"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T22:57:15.124000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "pix-multiple-vuln-pub",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
},
{
"title": "pix-multiple-vuln-pub",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/pix-multiple-vuln-pub-j.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.securityfocus.com/bid/6211"
},
{
"trust": 3.0,
"url": "http://www.cisco.com/warp/public/707/pix-multiple-vuln-pub.shtml"
},
{
"trust": 2.7,
"url": "http://www.ciac.org/ciac/bulletins/n-017.shtml"
},
{
"trust": 2.7,
"url": "http://www.iss.net/security_center/static/10660.php"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2002-2139"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-2139"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3872"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6522"
},
{
"db": "BID",
"id": "6211"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
},
{
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6522"
},
{
"db": "BID",
"id": "6211"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
},
{
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6522"
},
{
"date": "2002-11-20T00:00:00",
"db": "BID",
"id": "6211"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"date": "2002-11-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-577"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-6522"
},
{
"date": "2002-11-20T00:00:00",
"db": "BID",
"id": "6211"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000284"
},
{
"date": "2006-01-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-577"
},
{
"date": "2024-11-20T23:42:58.033000",
"db": "NVD",
"id": "CVE-2002-2139"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PIX Firewall of ISAKMP SA Session hijack vulnerability due to improper handling",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-577"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.