CVE-1999-1175

Sažetak

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.

Reference

http://www.ciac.org/ciac/bulletins/i-054.shtml
http://www.cisco.com/warp/public/770/wccpauth-pub.shtml
https://exchange.xforce.ibmcloud.com/vulnerabilities/1577

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

10-10-2017 - 01:29

Objavljeno

31-12-1999 - 05:00