Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.Referenceshttp://www.kb.cert.org/vuls/id/727780http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/11954
