VAR-200304-0127
Vulnerability from variot - Updated: 2025-04-03 22:24The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges. The Cisco VPN 5000 Client on Mac OS saves configuration information for the default connection in the resource fork of the preferences file. Authentication credentials for the most recent login are included in the configuration. A tool such as ResEdit may be used to extract this information. Cisco Virtual Private Network (VPN) client program is a program used to securely communicate with enterprise CISCO VPN devices through the Internet. Can be used under a variety of operating systems, including MacOS X operating system. Local attackers can use this vulnerability to obtain sensitive information by viewing the configuration file. A local attacker can read password information stored in plain text by using a tool such as ResEdit. This problem exists even when the \"SaveSecrets\" option is used, or when encrypting passwords. CISCO designated this vulnerability number as: CSCdx17109
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0127",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vpn 5000 client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.1"
},
{
"model": "vpn 5000 client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.1.2"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2.1"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.1.2"
},
{
"model": "vpn client for mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2.2"
}
],
"sources": [
{
"db": "BID",
"id": "5736"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
},
{
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ofir Arkin\u203b ofir@stake.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1491",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1491",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-5876",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1491",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200304-031",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5876",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5876"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
},
{
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving \"Default Connection\" settings, which could allow local users to gain privileges. The Cisco VPN 5000 Client on Mac OS saves configuration information for the default connection in the resource fork of the preferences file. Authentication credentials for the most recent login are included in the configuration. A tool such as ResEdit may be used to extract this information. Cisco Virtual Private Network (VPN) client program is a program used to securely communicate with enterprise CISCO VPN devices through the Internet. Can be used under a variety of operating systems, including MacOS X operating system. Local attackers can use this vulnerability to obtain sensitive information by viewing the configuration file. A local attacker can read password information stored in plain text by using a tool such as ResEdit. This problem exists even when the \\\"SaveSecrets\\\" option is used, or when encrypting passwords. CISCO designated this vulnerability number as: CSCdx17109",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1491"
},
{
"db": "BID",
"id": "5736"
},
{
"db": "VULHUB",
"id": "VHN-5876"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5736",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1491",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "7041",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031",
"trust": 0.7
},
{
"db": "XF",
"id": "5000",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20020918 CISCO VPN 5000 CLIENT MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-5876",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5876"
},
{
"db": "BID",
"id": "5736"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
},
{
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"id": "VAR-200304-0127",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5876"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:24:10.130000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5736"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/7041"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10129.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5876"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
},
{
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5876"
},
{
"db": "BID",
"id": "5736"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
},
{
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-5876"
},
{
"date": "2002-09-18T00:00:00",
"db": "BID",
"id": "5736"
},
{
"date": "2002-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-031"
},
{
"date": "2003-04-02T05:00:00",
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5876"
},
{
"date": "2009-07-11T17:06:00",
"db": "BID",
"id": "5736"
},
{
"date": "2005-10-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-031"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1491"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Mac OS VPN 5000 Client Password Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "5736"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "5736"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-031"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…