Vpn 3000 Concentrator Series Software CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2002-1103	1 Cisco	2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client	2026-04-16	N/A
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.
CVE-2001-0428	1 Cisco	1 Vpn 3000 Concentrator Series Software	2026-04-16	N/A
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option.
CVE-2002-1092	1 Cisco	1 Vpn 3000 Concentrator Series Software	2026-04-16	N/A
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
CVE-2002-1094	1 Cisco	2 Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client	2026-04-16	N/A
Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.

« first previous Page 2 of 2.