CVE-2011-0348

Sažetak

Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917.

Reference

http://osvdb.org/70720
http://secunia.com/advisories/43052
http://securitytracker.com/id?1024992
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6791d.shtml
http://www.securityfocus.com/bid/46022
http://www.vupen.com/english/advisories/2011/0229
https://exchange.xforce.ibmcloud.com/vulnerabilities/64936

CVSS

Base:	6.4
Impact:	4.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Zadnje važnije ažuriranje

17-08-2017 - 01:33

Objavljeno

28-01-2011 - 22:00