Lucene search

[email protected]CVE-2006-2322

HistoryMay 12, 2006 - 12:02 a.m.

CVE-2006-2322

2006-05-1200:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cisco

avs

transparent proxy

remote code execution

vulnerability

cve-2006-2322

nvd

bug id

cscsd32143

7 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.013 Low

EPSS

Percentile

85.6%

JSON

The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143.

CPENameOperatorVersion
cisco:application_velocity_system_3110cisco application velocity system 3110eq5.0
cisco:application_velocity_system_3110cisco application velocity system 3110eq4.0
cisco:application_velocity_system_3120cisco application velocity system 3120eq5.0

CPE	Name	Operator	Version
cisco:application_velocity_system_3110	cisco application velocity system 3110	eq	5.0
cisco:application_velocity_system_3110	cisco application velocity system 3110	eq	4.0
cisco:application_velocity_system_3120	cisco application velocity system 3120	eq	5.0

References

secunia.com/advisories/20079

securitytracker.com/id?1016056

www.cisco.com/warp/public/707/cisco-sa-20060510-avs.shtml

www.osvdb.org/25459

www.securityfocus.com/bid/17937

www.vupen.com/english/advisories/2006/1762

exchange.xforce.ibmcloud.com/vulnerabilities/26351

7 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.013 Low

EPSS

Percentile

85.6%

JSON

Related for CVE-2006-2322

prion1 cisco1