Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) prior to 6.1 allow remote malicious users to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ace web application firewall 6.0\\(2\\) |
||
cisco ace web application firewall 6.0\\(1\\) |
||
cisco ace xml gateway 6.0\\(2\\) |
||
cisco ace xml gateway |
||
cisco ace xml gateway 6.0\\(0\\) |
||
cisco ace xml gateway 6.0\\(1\\) |
||
cisco ace web application firewall |
||
cisco ace web application firewall 6.0\\(0\\) |