Sign-up

ID

VAR-199304-0001


CVE

CVE-1999-1216


TITLE

Cisco IP Source routing packet vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-199304-001

DESCRIPTION

Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command. Cisco Router is prone to a security bypass vulnerability. Attackers can exploit this issue to perform unauthorized actions. This may aid in further attacks. Vulnerabilities exist in Cisco routers 9.17 and earlier

Trust: 1.26

sources: NVD: CVE-1999-1216 // BID: 87019 // VULHUB: VHN-1197

AFFECTED PRODUCTS

vendor:ciscomodel:routerscope:eqversion:9.1

Trust: 1.9

vendor:ciscomodel:routerscope:eqversion:9.0

Trust: 1.9

vendor:ciscomodel:routerscope:eqversion:8.3

Trust: 1.9

vendor:ciscomodel:routerscope:eqversion:8.2

Trust: 1.9

vendor:ciscomodel:routerscope:lteversion:9.17

Trust: 1.0

vendor:ciscomodel:routerscope:eqversion:9.17

Trust: 0.9

sources: BID: 87019 // CNNVD: CNNVD-199304-001 // NVD: CVE-1999-1216

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-1999-1216
value: HIGH

Trust: 1.0

CNNVD: CNNVD-199304-001
value: HIGH

Trust: 0.6

VULHUB: VHN-1197
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-1999-1216
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-1197
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-1197 // CNNVD: CNNVD-199304-001 // NVD: CVE-1999-1216

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-1999-1216

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-199304-001

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-199304-001

EXTERNAL IDS

db:NVDid:CVE-1999-1216

Trust: 2.0

db:XFid:541

Trust: 0.9

db:CNNVDid:CNNVD-199304-001

Trust: 0.7

db:CERT/CCid:CA-1993-07

Trust: 0.6

db:CIACid:D-15

Trust: 0.6

db:BIDid:87019

Trust: 0.4

db:VULHUBid:VHN-1197

Trust: 0.1

sources: VULHUB: VHN-1197 // BID: 87019 // CNNVD: CNNVD-199304-001 // NVD: CVE-1999-1216

REFERENCES

url:http://www.cert.org/advisories/ca-1993-07.html

Trust: 2.0

url:http://ciac.llnl.gov/ciac/bulletins/d-15.shtml

Trust: 2.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/541

Trust: 1.1

url:http://xforce.iss.net/static/541.php

Trust: 0.9

sources: VULHUB: VHN-1197 // BID: 87019 // CNNVD: CNNVD-199304-001 // NVD: CVE-1999-1216

CREDITS

Unknown

Trust: 0.3

sources: BID: 87019

SOURCES

db:VULHUBid:VHN-1197
db:BIDid:87019
db:CNNVDid:CNNVD-199304-001
db:NVDid:CVE-1999-1216

LAST UPDATE DATE

2024-08-14T14:16:27.030000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-1197date:2017-12-19T00:00:00
db:BIDid:87019date:1993-04-22T00:00:00
db:CNNVDid:CNNVD-199304-001date:2005-10-20T00:00:00
db:NVDid:CVE-1999-1216date:2017-12-19T02:29:03.753

SOURCES RELEASE DATE

db:VULHUBid:VHN-1197date:1993-04-22T00:00:00
db:BIDid:87019date:1993-04-22T00:00:00
db:CNNVDid:CNNVD-199304-001date:1993-04-22T00:00:00
db:NVDid:CVE-1999-1216date:1993-04-22T04:00:00