CVE-1999-1175Cisco IOS vulnerability

2 documents2 sources
Severity
7.5HIGHNVD
EPSS
0.9%
top 24.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedDec 31
Latest updateApr 30

Description

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDcisco/ios11.2

Patches

Patch: www.ciac.orgPatch: www.cisco.comPatch: www.ciac.org

🔴Vulnerability Details

1
GHSA
GHSA-2qg5-3mg4-mrr4: Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 112022-04-30
CVE-1999-1175 — Cisco IOS vulnerability | cvebase