Vulnerability Name:

CVE-2011-0348 (CCN-64936)

Assigned:2011-01-26
Published:2011-01-26
Updated:2017-08-17
Summary:Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917.
CVSS v3 Severity:6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)
4.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-264
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2011-0348

Source: OSVDB
Type: UNKNOWN
70720

Source: CCN
Type: SA43052
Cisco Content Services Gateway Security Bypass and Denial of Service

Source: SECUNIA
Type: Vendor Advisory
43052

Source: SECTRACK
Type: UNKNOWN
1024992

Source: CCN
Type: cisco-sa-20110126-csg2
Cisco Content Services Gateway Vulnerabilities

Source: CISCO
Type: Vendor Advisory
20110126 Cisco Content Services Gateway Vulnerabilities

Source: CCN
Type: OSVDB ID: 70720
Cisco Content Services Gateway Second Generation Restricted Destination HTTP Traffic Access Restriction Bypass

Source: BID
Type: UNKNOWN
46022

Source: CCN
Type: BID-46022
Cisco Content Services Gateway Service Policy Security Bypass Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2011-0229

Source: XF
Type: UNKNOWN
cisco-csg2-policy-security-bypass(64936)

Source: XF
Type: UNKNOWN
cisco-csg2-policy-security-bypass(64936)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios:12.4(11)md:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(15)md:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(22)md:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(22)mda:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(24)md:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(24)md1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.4(24)mda:*:*:*:*:*:*:*
  • AND
  • cpe:/h:cisco:content_services_gateway_second_generation:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:ios:12.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:15.0m:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco ios 12.4(11)md
    cisco ios 12.4(15)md
    cisco ios 12.4(22)md
    cisco ios 12.4(22)mda
    cisco ios 12.4(24)md
    cisco ios 12.4(24)md1
    cisco ios 12.4(24)mda
    cisco content services gateway second generation *
    cisco ios 12.0
    cisco ios 15.0m