Plaintext Password Exposure in Cisco VPN 3000 Concentrator

Plaintext Password Exposure in Cisco VPN 3000 Concentrator

CVE-2002-1096 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.

Learn more about our User Device Pen Test.