Vulnerability Name:

CVE-2002-0778 (CCN-9082)

Assigned:2002-05-15
Published:2002-05-15
Updated:2018-10-30
Summary:The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Other
References:Source: MITRE
Type: CNA
CVE-2002-0778

Source: CCN
Type: Cisco Systems Inc. Security Advisory, 2002 May 15 18:00 GMT
Transparent Cache Engine and Content Engine TCP Relay Vulnerability

Source: CISCO
Type: Vendor Advisory
20020528 Transparent Cache Engine and Content Engine TCP Relay Vulnerability

Source: XF
Type: Vendor Advisory
cisco-cache-content-tcp-forward(9082)

Source: CCN
Type: OSVDB ID: 5111
Cisco Cache/Content Engine HTTPS Anonymous Relay

Source: BID
Type: Patch, Vendor Advisory
4751

Source: CCN
Type: BID-4751
Cisco Cache Engine Default Configuration Arbitrary User Proxy Vulnerability

Source: XF
Type: UNKNOWN
cisco-cache-content-tcp-forward(9082)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:content_distribution_manager_4630:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:507_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_2.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320_4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:enterprise_content_delivery_network_software:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:enterprise_content_delivery_network_software:4.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_505:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_505:3.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_550:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_550:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_550:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_550:3.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_570:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_570:2.4.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_570:3.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_570:570:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:content_router_4430:*:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:cisco:content_engine:507:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:560:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:590:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_engine:7320:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_550:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_505:-:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_570:-:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4630:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:content_distribution_manager_4650:4.1:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_505:2.2.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_505:3.0.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:cache_engine_505:4.0.0:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:content_router_4430:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:enterprise_content_delivery_network_software:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:enterprise_content_delivery_network_software:4.1:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    cisco content distribution manager 4630 *
    cisco content distribution manager 4630 4.0
    cisco content distribution manager 4630 4.1
    cisco content distribution manager 4650 *
    cisco content distribution manager 4650 4.0
    cisco content distribution manager 4650 4.1
    cisco content engine 507
    cisco content engine 507_2.2.0
    cisco content engine 507_3.1
    cisco content engine 507_4.0
    cisco content engine 507_4.1
    cisco content engine 560
    cisco content engine 560_2.2.0
    cisco content engine 560_3.1
    cisco content engine 560_4.0
    cisco content engine 560_4.1
    cisco content engine 590
    cisco content engine 590_2.2.0
    cisco content engine 590_3.1
    cisco content engine 590_4.0
    cisco content engine 590_4.1
    cisco content engine 7320
    cisco content engine 7320_2.2.0
    cisco content engine 7320_3.1
    cisco content engine 7320_4.0
    cisco content engine 7320_4.1
    cisco enterprise content delivery network software 4.0
    cisco enterprise content delivery network software 4.1
    cisco cache engine 505 2.4.0
    cisco cache engine 505 3.0
    cisco cache engine 550 *
    cisco cache engine 550 2.2.0
    cisco cache engine 550 2.4.0
    cisco cache engine 550 3.0
    cisco cache engine 570 2.2.0
    cisco cache engine 570 2.4.0
    cisco cache engine 570 3.0
    cisco cache engine 570 570
    cisco content router 4430 *
    cisco content engine 507
    cisco content engine 560
    cisco content engine 590
    cisco content engine 7320
    cisco cache engine 550 *
    cisco cache engine 505 -
    cisco cache engine 570 -
    cisco content distribution manager 4630 *
    cisco content distribution manager 4650 *
    cisco content distribution manager 4630 4.0
    cisco content distribution manager 4630 4.1
    cisco content distribution manager 4650 4.0
    cisco content distribution manager 4650 4.1
    cisco cache engine 505 2.2.0
    cisco cache engine 505 3.0.0
    cisco cache engine 505 4.0.0
    cisco content router 4430 *
    cisco content router 4430 4.0
    cisco content router 4430 4.1