CVE-1999-1100

high

Description

Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits instead of 56 bits, which makes it easier for an attacker to find the proper key via a brute force attack.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/1579

http://www.cisco.com/warp/public/770/pixkey-pub.shtml

http://ciac.llnl.gov/ciac/bulletins/i-056.shtml

Details

Source: Mitre, NVD

Published: 1999-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00527