Vulnerabilities > CVE-1999-1100 - Unspecified vulnerability in Cisco PIX Private Link 4.1(6)

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

cisco

NVD

Published: 1999-12-31

Updated: 2017-10-10

Summary

Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco PIX Private Link - Cisco PIX Private Link 4.1\(6\)	2

References

http://ciac.llnl.gov/ciac/bulletins/i-056.shtml
http://www.cisco.com/warp/public/770/pixkey-pub.shtml
https://exchange.xforce.ibmcloud.com/vulnerabilities/1579