var-201007-0202
Vulnerability from variot
The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885. The problem is Bug ID : CSCta04885 It is a problem.Avoid inserting headers by a third party through crafted header data, or HTTP Request Smuggling An attack may be triggered. The Cisco CSS 11500 Content Services Switch is a load balancing device that provides robust and scalable network services (layers 4-7) for the data center. CSS differs from the way a common web server interprets HTTP line breaks. RFC 2616 defines a US ASCII carriage return/line feed (CRLF) sequence as a line termination flag for protocol elements (excluding entities), both CSS and ACE. But popular web servers allow the arrangement of various CRLF sequences (including LF, CR, and LFCR) as line termination markers. An attacker can exploit these issues to impersonate other users when using client certificate-based authentication and to bypass certain security restrictions. Other attacks are also possible. These issues are being tracked by Cisco Bugid CSCSZ04690 and CSCTA04885
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201007-0202",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ace 4710",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "a1\\(2.0\\)"
},
{
"model": "content services switch 11500",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.20.1.01"
},
{
"model": "content services switch 11500",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "08.20.1.01"
},
{
"model": "content services switch 11500",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.20.2.01"
},
{
"model": "content services switch 11500",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.20.0.01"
},
{
"model": "ace 4710",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "a1\\(8.0\\)"
},
{
"model": "ace 4710",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "a3\\(2.5\\)"
},
{
"model": "content services switch 11500",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "8.20.3.03"
},
{
"model": "ace 4710",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "css 11500 series",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.6,
"vendor": "no",
"version": null
},
{
"model": "content services switch 11500",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "8.20.3.03"
},
{
"model": "ace 4710",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "a3\\(2.5\\)"
},
{
"model": "css11500 content services switch",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ace appliance a3",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4750"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"db": "BID",
"id": "41315"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
},
{
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:ace_4710",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:css_11500",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "George D. Gal\u203b ggal@vsecurity.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
}
],
"trust": 0.6
},
"cve": "CVE-2010-1576",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2010-1576",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2010-1576",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-44181",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2010-1576",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2010-1576",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201007-035",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-44181",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44181"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
},
{
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885. The problem is Bug ID : CSCta04885 It is a problem.Avoid inserting headers by a third party through crafted header data, or HTTP Request Smuggling An attack may be triggered. The Cisco CSS 11500 Content Services Switch is a load balancing device that provides robust and scalable network services (layers 4-7) for the data center. CSS differs from the way a common web server interprets HTTP line breaks. RFC 2616 defines a US ASCII carriage return/line feed (CRLF) sequence as a line termination flag for protocol elements (excluding entities), both CSS and ACE. But popular web servers allow the arrangement of various CRLF sequences (including LF, CR, and LFCR) as line termination markers. \nAn attacker can exploit these issues to impersonate other users when using client certificate-based authentication and to bypass certain security restrictions. Other attacks are also possible. \nThese issues are being tracked by Cisco Bugid CSCSZ04690 and CSCTA04885",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-1576"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"db": "BID",
"id": "41315"
},
{
"db": "VULHUB",
"id": "VHN-44181"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-1576",
"trust": 3.4
},
{
"db": "BID",
"id": "41315",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1024167",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1024168",
"trust": 2.5
},
{
"db": "OSVDB",
"id": "66092",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201007-035",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2010-1235",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20100702 VSR ADVISORY: MULTIPLE CISCO CSS / ACE CLIENT CERTIFICATE AND HTTP HEADER MANIPULATION VULNERABILITIES",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "15368",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-44181",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"db": "VULHUB",
"id": "VHN-44181"
},
{
"db": "BID",
"id": "41315"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
},
{
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"id": "VAR-201007-0202",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"db": "VULHUB",
"id": "VHN-44181"
}
],
"trust": 1.28653843
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1235"
}
]
},
"last_update_date": "2024-11-23T21:47:23.286000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "20808",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=20808"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-44181"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/41315"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1024167"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1024168"
},
{
"trust": 2.0,
"url": "http://www.vsecurity.com/resources/advisory/20100702-1/"
},
{
"trust": 1.9,
"url": "http://osvdb.org/66092"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/512144/100/0/threaded"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1576"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1576"
},
{
"trust": 0.6,
"url": "http://marc.info/?l=bugtraq\u0026m=127808444302943\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/512144/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/15368"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "/archive/1/512144"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"db": "VULHUB",
"id": "VHN-44181"
},
{
"db": "BID",
"id": "41315"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
},
{
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"db": "VULHUB",
"id": "VHN-44181"
},
{
"db": "BID",
"id": "41315"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
},
{
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"date": "2010-07-06T00:00:00",
"db": "VULHUB",
"id": "VHN-44181"
},
{
"date": "2010-07-02T00:00:00",
"db": "BID",
"id": "41315"
},
{
"date": "2010-07-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"date": "2010-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201007-035"
},
{
"date": "2010-07-06T17:17:13.233000",
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-07-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2010-1235"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-44181"
},
{
"date": "2015-04-13T21:05:00",
"db": "BID",
"id": "41315"
},
{
"date": "2010-07-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-001729"
},
{
"date": "2010-07-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201007-035"
},
{
"date": "2024-11-21T01:14:43.387000",
"db": "NVD",
"id": "CVE-2010-1576"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Content Services Switch In HTTP Request Smuggling Attack vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-001729"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201007-035"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.