TILLBAKA TILL DASHBOARD

CVE-1999-1466

Källa: cve@mitre.org

UNKNOWN
7.5 CVSS Score

EXPLOTATION STATUS & MITIGATIONS

EXPLOIT STATUS
NO KNOWN EXPLOIT
REMEDIATION
PATCH AVAILABLE

PÅVERKADE KLIENTER/MJUKVARA

Cisco Ios

BESKRIVNING

Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.

TEKNISK DATA

{
  "id": "CVE-1999-1466",
  "sourceIdentifier": "cve@mitre.org",
  "published": "1992-12-10T05:00:00.000",
  "lastModified": "2025-04-03T01:03:51.193",
  "vulnStatus": "Deferred",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the \"established\" keyword."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "baseScore": 7.5,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:ios:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E72B3032-154D-45C2-8380-CCB28E4F2E8C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:ios:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "87395248-5E9C-4257-9CC7-2E2805B69F83"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:ios:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A476BFB0-E587-41A6-B691-2609E0146C2B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:ios:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E9A00D5-A594-4C64-B982-10CB4C554F51"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.cert.org/advisories/CA-1992-20.html",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/53",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.cert.org/advisories/CA-1992-20.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/53",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}

Status

Vuln Status:Deferred
Publicerad:12/10/1992
Uppdaterad:4/3/2025

Vector String

AV:N/AC:L/Au:N/C:P/I:P/A:P
ÖPPNA I NVD