Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-1022Cisco PIX Firewall Software vulnerability

5 documents4 sources
Severity
7.5HIGHNVD
EPSS
7.2%
top 8.40%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Cisco PIX Firewall Software
Timeline
PublishedDec 11
Latest updateApr 30

Description

The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDcisco/pix_firewall_software8 versions+7

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-gv87-wvw4-8qwm: The mailguard feature in Cisco Secure PIX Firewall 52022-04-30
CVEList
CVE-2000-1022: The mailguard feature in Cisco Secure PIX Firewall 52001-01-22

💥Exploits & PoCs

2
Exploit-DB
Cisco PIX Firewall 4.x/5.x - SMTP Content Filtering Evasion2000-09-19
Exploit-DB
Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Remote Buffer Overflow (1)1999-11-07
CVE-2000-1022 — Cisco vulnerability | cvebase