ID

VAR-199212-0003


CVE

CVE-1999-1466


TITLE

Cisco Access List Vulnerability

Trust: 0.9

sources: BID: 53 // CNNVD: CNNVD-199212-002

DESCRIPTION

Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. Cisco Systems Cisco IOS Exists in unspecified vulnerabilities.None. This vulnerability can allow unauthorized traffic to pass through the gateway and can block authorized traffic. This can permit packets which should be filtered and filter packets which should be permitted. Vulnerabilities exist in Cisco router versions 8.2 through 9.1

Trust: 1.98

sources: NVD: CVE-1999-1466 // JVNDB: JVNDB-1992-000005 // BID: 53 // VULHUB: VHN-1447

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion:9.1

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:9.0

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:8.3

Trust: 1.9

vendor:ciscomodel:iosscope:eqversion:8.2

Trust: 1.9

vendor:シスコシステムズmodel:cisco iosscope:eqversion:8.3

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion:8.2

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion:9.0

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion:9.1

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:eqversion: -

Trust: 0.8

sources: BID: 53 // JVNDB: JVNDB-1992-000005 // CNNVD: CNNVD-199212-002 // NVD: CVE-1999-1466

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1466
value: HIGH

Trust: 1.0

NVD: CVE-1999-1466
value: HIGH

Trust: 0.8

CNNVD: CNNVD-199212-002
value: HIGH

Trust: 0.6

VULHUB: VHN-1447
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-1466
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-1447
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1447 // JVNDB: JVNDB-1992-000005 // CNNVD: CNNVD-199212-002 // NVD: CVE-1999-1466

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-1992-000005 // NVD: CVE-1999-1466

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199212-002

TYPE

Unknown

Trust: 0.9

sources: BID: 53 // CNNVD: CNNVD-199212-002

PATCH

title:Products IOS Cisco IOS Software Releasesurl:https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-software-releases-listing.html

Trust: 0.8

sources: JVNDB: JVNDB-1992-000005

EXTERNAL IDS

db:NVDid:CVE-1999-1466

Trust: 3.6

db:BIDid:53

Trust: 2.8

db:JVNDBid:JVNDB-1992-000005

Trust: 0.8

db:CNNVDid:CNNVD-199212-002

Trust: 0.7

db:CERT/CCid:CA-1992-20

Trust: 0.6

db:VULHUBid:VHN-1447

Trust: 0.1

sources: VULHUB: VHN-1447 // BID: 53 // JVNDB: JVNDB-1992-000005 // CNNVD: CNNVD-199212-002 // NVD: CVE-1999-1466

REFERENCES

url:http://www.securityfocus.com/bid/53

Trust: 3.5

url:http://www.cert.org/advisories/ca-1992-20.html

Trust: 3.5

url:https://nvd.nist.gov/vuln/detail/cve-1999-1466

Trust: 0.8

sources: VULHUB: VHN-1447 // JVNDB: JVNDB-1992-000005 // CNNVD: CNNVD-199212-002 // NVD: CVE-1999-1466

SOURCES

db:VULHUBid:VHN-1447
db:BIDid:53
db:JVNDBid:JVNDB-1992-000005
db:CNNVDid:CNNVD-199212-002
db:NVDid:CVE-1999-1466

LAST UPDATE DATE

2024-11-22T22:51:48.982000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1447date:2008-09-05T00:00:00
db:BIDid:53date:2009-07-11T00:16:00
db:JVNDBid:JVNDB-1992-000005date:2024-05-02T09:35:00
db:CNNVDid:CNNVD-199212-002date:2005-10-20T00:00:00
db:NVDid:CVE-1999-1466date:2024-11-20T23:31:11.057

SOURCES RELEASE DATE

db:VULHUBid:VHN-1447date:1992-12-10T00:00:00
db:BIDid:53date:1992-12-10T00:00:00
db:JVNDBid:JVNDB-1992-000005date:2024-05-02T00:00:00
db:CNNVDid:CNNVD-199212-002date:1992-12-10T00:00:00
db:NVDid:CVE-1999-1466date:1992-12-10T05:00:00