Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2002-0778

Published: 12/08/2002 Updated: 30/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Cisco

Vulnerability Summary

The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote malicious users to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco content engine 507_3.1

cisco content engine 507_4.0

cisco content engine 507_4.1

cisco content engine 560

cisco content engine 7320_4.0

cisco content engine 7320_4.1

cisco cache engine 505 2.4.0

cisco cache engine 505 3.0

cisco cache engine 550

cisco content distribution manager 4650 4.1

cisco content engine 507_2.2.0

cisco content engine 560_2.2.0

cisco content engine 560_4.0

cisco content engine 7320

cisco content engine 7320_3.1

cisco cache engine 550 2.4.0

cisco cache engine 570 2.2.0

cisco enterprise content delivery network software 4.0

cisco content distribution manager 4630

cisco content distribution manager 4630 4.0

cisco content distribution manager 4630 4.1

cisco content distribution manager 4650

cisco content engine 590

cisco content engine 590_2.2.0

cisco content engine 590_3.1

cisco content engine 590_4.0

cisco cache engine 570 2.4.0

cisco cache engine 570 3.0

cisco cache engine 570 570

cisco content router 4430

cisco content distribution manager 4650 4.0

cisco content engine 507

cisco content engine 560_3.1

cisco content engine 560_4.1

cisco content engine 590_4.1

cisco content engine 7320_2.2.0

cisco cache engine 550 2.2.0

cisco cache engine 550 3.0

cisco enterprise content delivery network software 4.1

Vendor Advisories

Cisco: Transparent Cache Engine and Content Engine TCP Relay Vulnerability
Cisco Cache Engines and Content Engines provide a transparent cache for world wide web pages retrieved via HTTP These products also can be configured to transparently intercept requests to proxy servers supporting various protocols such as HTTPS The default configuration of the proxy feature can be abused to open a TCP connection to any r ...

References

NVD-CWE-Otherhttp://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtmlhttp://www.iss.net/security_center/static/9082.phphttp://www.securityfocus.com/bid/4751https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020515-transparent-cache-tcp-relay
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook