ID

VAR-199212-0004


CVE

CVE-1999-1306


TITLE

Cisco Systems  Cisco IOS  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-1992-000006

DESCRIPTION

Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. Cisco Systems Cisco IOS Exists in unspecified vulnerabilities.None. Attackers can use this vulnerability to bypass the filter

Trust: 1.71

sources: NVD: CVE-1999-1306 // JVNDB: JVNDB-1992-000006 // VULHUB: VHN-1287

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:lteversion:9.1

Trust: 1.0

vendor:シスコシステムズmodel:cisco iosscope:eqversion: -

Trust: 0.8

vendor:シスコシステムズmodel:cisco iosscope:lteversion:9.1 and earlier

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:9.1

Trust: 0.6

sources: JVNDB: JVNDB-1992-000006 // CNNVD: CNNVD-199212-001 // NVD: CVE-1999-1306

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1306
value: HIGH

Trust: 1.0

NVD: CVE-1999-1306
value: HIGH

Trust: 0.8

CNNVD: CNNVD-199212-001
value: HIGH

Trust: 0.6

VULHUB: VHN-1287
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-1306
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-1287
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1287 // JVNDB: JVNDB-1992-000006 // CNNVD: CNNVD-199212-001 // NVD: CVE-1999-1306

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:others (CWE-Other) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-1992-000006 // NVD: CVE-1999-1306

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199212-001

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199212-001

PATCH

title:Products IOS Cisco IOS Software Releasesurl:https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-software-releases-listing.html

Trust: 0.8

sources: JVNDB: JVNDB-1992-000006

EXTERNAL IDS

db:NVDid:CVE-1999-1306

Trust: 3.3

db:JVNDBid:JVNDB-1992-000006

Trust: 0.8

db:CNNVDid:CNNVD-199212-001

Trust: 0.7

db:CERT/CCid:CA-1992-20

Trust: 0.6

db:VULHUBid:VHN-1287

Trust: 0.1

sources: VULHUB: VHN-1287 // JVNDB: JVNDB-1992-000006 // CNNVD: CNNVD-199212-001 // NVD: CVE-1999-1306

REFERENCES

url:http://www.cert.org/advisories/ca-1992-20.html

Trust: 3.5

url:https://nvd.nist.gov/vuln/detail/cve-1999-1306

Trust: 0.8

sources: VULHUB: VHN-1287 // JVNDB: JVNDB-1992-000006 // CNNVD: CNNVD-199212-001 // NVD: CVE-1999-1306

SOURCES

db:VULHUBid:VHN-1287
db:JVNDBid:JVNDB-1992-000006
db:CNNVDid:CNNVD-199212-001
db:NVDid:CVE-1999-1306

LAST UPDATE DATE

2024-11-22T22:51:48.959000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1287date:2008-09-05T00:00:00
db:JVNDBid:JVNDB-1992-000006date:2024-05-02T09:36:00
db:CNNVDid:CNNVD-199212-001date:2005-10-20T00:00:00
db:NVDid:CVE-1999-1306date:2024-11-20T23:30:48.113

SOURCES RELEASE DATE

db:VULHUBid:VHN-1287date:1992-12-10T00:00:00
db:JVNDBid:JVNDB-1992-000006date:2024-05-02T00:00:00
db:CNNVDid:CNNVD-199212-001date:1992-12-10T00:00:00
db:NVDid:CVE-1999-1306date:1992-12-10T05:00:00