CVE-2002-1102

Published: Oct 4, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.

Affected (21)

Products: Cisco: Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client

Cisco

2 products

Vpn 3000 Concentrator Series Software

Vpn 3002 Hardware Client

Configuration A

21 vulnerable

Vulnerable Software	Affected Versions
Cisco Vpn 3000 Concentrator Series Software	Version 2.0
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.a
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.b
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.c
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.d
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.f
Cisco Vpn 3000 Concentrator Series Software	Version 3.0.3.a
Cisco Vpn 3000 Concentrator Series Software	Version 3.0.3.b
Cisco Vpn 3000 Concentrator Series Software	Version 3.0.4
Cisco Vpn 3000 Concentrator Series Software	Version 3.0
Cisco Vpn 3000 Concentrator Series Software	Version 3.0(rel)
Cisco Vpn 3000 Concentrator Series Software	Version 3.1.1
Cisco Vpn 3000 Concentrator Series Software	Version 3.1.2
Cisco Vpn 3000 Concentrator Series Software	Version 3.1.4
Cisco Vpn 3000 Concentrator Series Software	Version 3.1
Cisco Vpn 3000 Concentrator Series Software	Version 3.1(rel)
Cisco Vpn 3000 Concentrator Series Software	Version 3.5.1
Cisco Vpn 3000 Concentrator Series Software	Version 3.5.2
Cisco Vpn 3000 Concentrator Series Software	Version 3.5.3
Cisco Vpn 3000 Concentrator Series Software	Version 3.5(rel)
Cisco Vpn 3002 Hardware Client	All versions