Vulnerabilities > Cisco > VPN 3000 Concentrator Series Software > 4.7

DATE	CVE	VULNERABILITY TITLE	RISK
2006-08-23	CVE-2006-4313	Unspecified vulnerability in Cisco VPN 3000 Concentrator Series Software Multiple unspecified vulnerabilities in Cisco VPN 3000 series concentrators before 4.1, 4.1.x up to 4.1(7)L, and 4.7.x up to 4.7(2)F allow attackers to execute the (1) CWD, (2) MKD, (3) CDUP, (4) RNFR, (5) SIZE, and (6) RMD FTP commands to modify files or create and delete directories via unknown vectors. network low complexity cisco	5.0
2006-06-19	CVE-2006-3073	Cross-Site Scripting vulnerability in Cisco VPN3K/ASA WebVPN Clientless Mode Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). network high complexity cisco	2.6
2006-01-31	CVE-2006-0483	Remote Denial of Service vulnerability in Cisco products Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet. network low complexity cisco	7.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.