CVE-2002-1623
Description
The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
72.457
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2002-1623 are affected in vpn-1_firewall-1 4.1-sp6 | NCM |
| Vulnerabilities CVE-2002-1623 are affected in vpn-1_firewall-1 4.1-sp5a | NCM |
| Vulnerabilities CVE-2002-1623 are affected in vpn-1_firewall-1 4.1-sp5 | NCM |
| Vulnerabilities CVE-2002-1623 are affected in vpn-1_firewall-1 4.1-sp4 | NCM |
| Vulnerabilities CVE-2002-1623 are affected in vpn-1_firewall-1 4.1 | NCM |
| Vulnerabilities CVE-2002-1623 are affected in vpn-1_firewall-1 4.0 | NCM |
| CVE-2002-1623 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234