Description
Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.
CVSS Metrics
- Vector
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Access Vector
- network
- Access Cmplx
- low
- Auth
- none
- Confidentiality
- partial
- Integrity
- partial
- Availability
- partial
- Weaknesses
- NVD-CWE-Other
Metadata
- Primary Vendor
- CISCO
- Published
- 12/31/1999
- Last Modified
- 4/3/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
cisco : pix_private_link
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.