CVE-2002-0848
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-0848
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco VPN 5000系列集中器RADIUS PAP认证漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco VPN 5000系列集中器由通用的远程访问虚拟专网(VPN)平台和将高可用性、高性能和可扩展性与当今最先进的加密和认证技术结合在一起的客户机软件组成,它可以为专业运营商或企业用户提供服务。 Cisco VPN 5000系列集中器在使用RADIUS方式进行PAP认证时存在一个安全漏洞,用户口令可能会以明文方式发送。攻击者可以在与Cisco VPN 5000集中器和RADIUS服务器相连的网络上进行窃听,获取用户口令。 VPN 5000系列集中器支持三种RADIUS通信方式。[RADIUS]部分中
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2002-0848
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2002-0848
请登录查看更多情报信息。
- http://www.cisco.com/warp/public/707/vpn5k-radius-pap-vuln-pub.shtmlvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2002-0848
Same Patch Batch · n/a · 2003-04-02 · 350 CVEs total
| CVE-2002-0718 | Microsoft Content Management Server 2001文件上传漏洞(MS02-041) | |
| CVE-2002-0738 | MHonArc HTML脚本过滤可绕过漏洞 | |
| CVE-2002-0737 | Sambar WEB服务程序服务端文件解析可绕过漏洞 | |
| CVE-2002-0736 | Microsoft BackOffice授权问题漏洞 | |
| CVE-2002-0734 | B2 B2config.php远程命令执行漏洞 | |
| CVE-2002-0733 | ACME Labs thttpd跨站脚本执行漏洞 | |
| CVE-2002-0727 | Microsoft OWC可导致Active脚本执行漏洞 | |
| CVE-2002-0726 | Microsoft TSAC ActiveX远程缓冲区溢出漏洞(MS02-046) | |
| CVE-2002-0722 | Microsoft Internet Explorer 安全漏洞 | |
| CVE-2002-0720 | Microsoft Windows 2000网络连接管理器权限提升漏洞(MS02-042) | |
| CVE-2002-0719 | Microsoft Content Management Server 2001 SQL注入漏洞(MS02-041) | |
| CVE-2002-0703 | Gisle Aas Digest-MD5 UTF-8摘要计算存在漏洞 | |
| CVE-2002-0695 | Microsoft Data Access Components T-SQL OpenRowSet远程缓冲区溢出漏洞(MS02-040) | |
| CVE-2002-0697 | Microsoft Metadirectory服务远程LDAP客户端管理员访问漏洞(MS02-036) | |
| CVE-2002-0698 | Microsoft Exchange Server 缓冲区错误漏洞 | |
| CVE-2002-0700 | Microsoft Content Management Server 2001用户认证缓冲区溢出漏洞(MS02-041) | |
| CVE-2002-0701 | 多个供应商进BSD KTrace SUID/SGID进程追踪漏洞 | |
| CVE-2002-0710 | Rod Clark sendform.cgi远程可获得任意文件漏洞 | |
| CVE-2002-0716 | OpenServer定时服务格式字符串漏洞 | |
| CVE-2002-0714 | Squid FTP代理数据通道漏洞 |
Showing top 20 of 350 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2002-0848
No comments yet