Vulnerabilities > CVE-2002-2139 - Unspecified vulnerability in Cisco PIX Firewall Software
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 7 |