CVE-2002-1623

CVE Database · CVE-2002-1623

CVE-2002-1623

· N/AModified

CVSS v3.1

N/A

EPSS

48.57%

Published

Dec 31, 2002

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.

Affected Products (2)

checkpoint · vpn-1_firewall-1vulnerable

References (20)

http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html

http://marc.info/?l=bugtraq&m=103124812629621&w=2

http://marc.info/?l=bugtraq&m=103176164729351&w=2

http://www.checkpoint.com/techsupport/alerts/ike.html

http://www.kb.cert.org/vuls/id/886601

US Government Resource

http://www.nta-monitor.com/news/checkpoint.htm

http://www.securiteam.com/securitynews/5TP040U8AW.html

Exploit

http://www.securityfocus.com/archive/1/290202

Exploit

http://www.securityfocus.com/bid/5607

https://exchange.xforce.ibmcloud.com/vulnerabilities/10034

KEV Catalog EPSS Scores Vendors All CVEs