Vulnerability Name:

CVE-1999-0775 (CCN-2267)

Assigned:1999-06-10
Published:1999-06-10
Updated:2022-08-17
Summary:Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-1999-0775

Source: MITRE
Type: CNA
CVE-2000-0700

Source: CCN
Type: Cisco Systems Field Notice, June 10, 1999
Cisco IOS Software established Access List Keyword Error

Source: CCN
Type: OSVDB ID: 793
Cisco Gigabit Switch Routers (GSR) Line Card Failure ACL Bypass

Source: CCN
Type: OSVDB ID: 798
Cisco Gigabit Switch Routers (GSR) Line Card Failure Remote DoS

Source: CCN
Type: OSVDB ID: 8893
Cisco Gigabit Switch Routers Established Keyword Packet Forwarding

Source: CCN
Type: BID-1541
Cisco Gigabit Switch Router with Fast/Gigabit Ethernet Cards ACL Bypass/DoS Vulnerabilities

Source: XF
Type: UNKNOWN
cisco-gigaswitch(2267)

Source: MISC
Type: UNKNOWN
https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0775

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios:11.2(15)g:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(14)gs2:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:ios:12.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2p:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12008:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12012:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12016:*:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(10):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(8):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(14)gs2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(15)g:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.3(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(2):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(3):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(4):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(5):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(6):*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco ios 11.2(15)g
    cisco ios 11.2(14)gs2
    cisco ios 12.0
    cisco ios 12.1
    cisco ios 11.2
    cisco ios 11.3
    cisco ios 11.2p
    cisco gigabit switch router 12008 *
    cisco gigabit switch router 12012 *
    cisco gigabit switch router 12016 *
    cisco ios 11.2(10)
    cisco ios 11.2(8)
    cisco ios 11.2(14)gs2
    cisco ios 11.2(15)g
    cisco ios 11.3(1)
    cisco ios 12.0(1)
    cisco ios 12.0(2)
    cisco ios 12.0(3)
    cisco ios 12.0(4)
    cisco ios 12.0(5)
    cisco ios 12.0(6)