var-202001-0111
Vulnerability from variot
Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks. Cisco IronPort WSA failed to revoke certificates through the CRL (Certificate Revocation List) or OCSP (Online Certificate Status Protocol) standards. Even if the client certificate can be created under the proxy CA context if the server-side certificate is revoked, an attacker could exploit this vulnerability to perform a MITM attack using the revoked certificate. Successfully exploiting these issues will allow attackers to bypass security restrictions and perform unauthorized actions. The program offers features such as Web Reputation Filter (WBRS) and anti-malware scanning engine. A successful exploitation could allow the malicious user to access sensitive information using man-in-the-middle attacks. Proof-of-concept code that exploits this vulnerability is publicly available. Cisco has not confirmed the vulnerability and software updates are not available
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0111",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ironport web security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": null
},
{
"model": "ironport web security appliance",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ironport web security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:ironport_web_security_appliance",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jeff Jarmoc",
"sources": [
{
"db": "BID",
"id": "52981"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1316",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2012-1316",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54597",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2012-1316",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1316",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-1316",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2012-1316",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-136",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54597",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2012-1316",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54597"
},
{
"db": "VULMON",
"id": "CVE-2012-1316"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-136"
},
{
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks. Cisco IronPort WSA failed to revoke certificates through the CRL (Certificate Revocation List) or OCSP (Online Certificate Status Protocol) standards. Even if the client certificate can be created under the proxy CA context if the server-side certificate is revoked, an attacker could exploit this vulnerability to perform a MITM attack using the revoked certificate. \nSuccessfully exploiting these issues will allow attackers to bypass security restrictions and perform unauthorized actions. The program offers features such as Web Reputation Filter (WBRS) and anti-malware scanning engine. \u00a0\u00a0A successful exploitation could allow the malicious user to access sensitive information using man-in-the-middle attacks. \nProof-of-concept code that exploits this vulnerability is publicly available. \nCisco has not confirmed the vulnerability and software updates are not available",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1316"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "VULHUB",
"id": "VHN-54597"
},
{
"db": "VULMON",
"id": "CVE-2012-1316"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1316",
"trust": 3.5
},
{
"db": "BID",
"id": "52981",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201204-136",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2012-1838",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54597",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2012-1316",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"db": "VULHUB",
"id": "VHN-54597"
},
{
"db": "VULMON",
"id": "CVE-2012-1316"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-136"
},
{
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"id": "VAR-202001-0111",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"db": "VULHUB",
"id": "VHN-54597"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1838"
}
]
},
"last_update_date": "2024-08-14T13:25:09.377000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.cisco.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54597"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.secureworks.com/research/transitive-trust"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/52981"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1316"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1316"
},
{
"trust": 0.6,
"url": "http://www.secureworks.com/research/threats/transitive-trust/http"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/ps10164/index.html"
},
{
"trust": 0.3,
"url": "http://www.secureworks.com/research/threats/transitive-trust/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=25647"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"db": "VULHUB",
"id": "VHN-54597"
},
{
"db": "VULMON",
"id": "CVE-2012-1316"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-136"
},
{
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"db": "VULHUB",
"id": "VHN-54597"
},
{
"db": "VULMON",
"id": "CVE-2012-1316"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-136"
},
{
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"date": "2020-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-54597"
},
{
"date": "2020-01-15T00:00:00",
"db": "VULMON",
"id": "CVE-2012-1316"
},
{
"date": "2012-04-11T00:00:00",
"db": "BID",
"id": "52981"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"date": "2012-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-136"
},
{
"date": "2020-01-15T14:15:11.623000",
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1838"
},
{
"date": "2020-01-23T00:00:00",
"db": "VULHUB",
"id": "VHN-54597"
},
{
"date": "2020-01-23T00:00:00",
"db": "VULMON",
"id": "CVE-2012-1316"
},
{
"date": "2012-04-11T00:00:00",
"db": "BID",
"id": "52981"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006563"
},
{
"date": "2020-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-136"
},
{
"date": "2020-01-23T03:24:27.427000",
"db": "NVD",
"id": "CVE-2012-1316"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-136"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IronPort Web Security Appliance Vulnerabilities in certificate validation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006563"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-136"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.