Sign-up

ID

VAR-201007-0238


CVE

CVE-2010-2629


TITLE

Cisco CSS 11500 and ACE 4710 Vulnerabilities in which intended header insertion could be bypassed

Trust: 0.8

sources: JVNDB: JVNDB-2010-004188

DESCRIPTION

The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576. This vulnerability CVE-2010-1576 Due to an incomplete fix.Through a specially crafted header data by a third party, HTTP A request smuggling attack may be performed and intended header insertion may be avoided. The Cisco CSS 11500 Content Services Switch is a load balancing device that provides robust and scalable network services (layers 4-7) for the data center. An attacker can exploit these issues to impersonate other users when using client certificate-based authentication and to bypass certain security restrictions. Other attacks are also possible. These issues are being tracked by Cisco Bugid CSCSZ04690 and CSCTA04885

Trust: 2.52

sources: NVD: CVE-2010-2629 // JVNDB: JVNDB-2010-004188 // CNVD: CNVD-2010-3981 // BID: 41315 // VULHUB: VHN-45234

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2010-3981

AFFECTED PRODUCTS

vendor:ciscomodel:ace 4710scope:eqversion:a1\(2.0\)

Trust: 1.6

vendor:ciscomodel:content services switch 11500scope:eqversion:8.20.1.01

Trust: 1.6

vendor:ciscomodel:content services switch 11500scope:eqversion:08.20.1.01

Trust: 1.6

vendor:ciscomodel:content services switch 11500scope:eqversion:8.20.2.01

Trust: 1.6

vendor:ciscomodel:content services switch 11500scope:eqversion:8.20.0.01

Trust: 1.6

vendor:ciscomodel:ace 4710scope:eqversion:a1\(8.0\)

Trust: 1.6

vendor:ciscomodel:ace 4710scope:lteversion:a3\(2.5\)

Trust: 1.0

vendor:ciscomodel:content services switch 11500scope:lteversion:8.20.3.03

Trust: 1.0

vendor:ciscomodel:css11500 content services switchscope: - version: -

Trust: 0.9

vendor:ciscomodel:ace 4710scope:eqversion:software a2(3.0)

Trust: 0.8

vendor:ciscomodel:content services switch 11500scope:eqversion:software 8.20.4.02

Trust: 0.8

vendor:ciscomodel:content services switch 11500scope:eqversion:8.20.3.03

Trust: 0.6

vendor:ciscomodel:ace 4710scope:eqversion:a3\(2.5\)

Trust: 0.6

vendor:ciscomodel:ace appliance a3scope:eqversion:4750

Trust: 0.3

sources: CNVD: CNVD-2010-3981 // BID: 41315 // JVNDB: JVNDB-2010-004188 // CNNVD: CNNVD-201007-047 // NVD: CVE-2010-2629

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-2629
value: HIGH

Trust: 1.0

NVD: CVE-2010-2629
value: HIGH

Trust: 0.8

CNVD: CNVD-2010-3981
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201007-047
value: HIGH

Trust: 0.6

VULHUB: VHN-45234
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-2629
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2010-3981
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-45234
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2010-3981 // VULHUB: VHN-45234 // JVNDB: JVNDB-2010-004188 // CNNVD: CNNVD-201007-047 // NVD: CVE-2010-2629

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-45234 // JVNDB: JVNDB-2010-004188 // NVD: CVE-2010-2629

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201007-047

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201007-047

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-004188

PATCH
title:Top Pageurl:http://www.cisco.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-004188

EXTERNAL IDS
db:NVDid:CVE-2010-2629
Trust: 3.4
db:BIDid:41315
Trust: 2.6
db:SECTRACKid:1024167
Trust: 1.7
db:SECTRACKid:1024168
Trust: 1.7
db:JVNDBid:JVNDB-2010-004188
Trust: 0.8
db:CNNVDid:CNNVD-201007-047
Trust: 0.7
db:CNVDid:CNVD-2010-3981
Trust: 0.6
db:BUGTRAQid:20100702 VSR ADVISORY: MULTIPLE CISCO CSS / ACE CLIENT CERTIFICATE AND HTTP HEADER MANIPULATION VULNERABILITIES
Trust: 0.6
db:NSFOCUSid:15368
Trust: 0.6
db:VULHUBid:VHN-45234
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2010-3981 // 
            
            
            
            VULHUB: VHN-45234 // 
            
            
            
            BID: 41315 // 
            
            
            
            JVNDB: JVNDB-2010-004188 // 
            
            
            
            CNNVD: CNNVD-201007-047 // 
            
            
            
            NVD: CVE-2010-2629

REFERENCES
url:http://www.securityfocus.com/bid/41315
Trust: 2.3
url:http://www.vsecurity.com/resources/advisory/20100702-1/
Trust: 2.0
url:http://securitytracker.com/id?1024167
Trust: 1.7
url:http://securitytracker.com/id?1024168
Trust: 1.7
url:http://www.securityfocus.com/archive/1/512144/100/0/threaded
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2629
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2629
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/512144/100/0/threaded
Trust: 0.6
url:http://www.nsfocus.net/vulndb/15368
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:/archive/1/512144
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2010-3981 // 
            
            
            
            VULHUB: VHN-45234 // 
            
            
            
            BID: 41315 // 
            
            
            
            JVNDB: JVNDB-2010-004188 // 
            
            
            
            CNNVD: CNNVD-201007-047 // 
            
            
            
            NVD: CVE-2010-2629

CREDITS
George D. Gal※ ggal@vsecurity.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201007-047

SOURCES
db:CNVDid:CNVD-2010-3981
db:VULHUBid:VHN-45234
db:BIDid:41315
db:JVNDBid:JVNDB-2010-004188
db:CNNVDid:CNNVD-201007-047
db:NVDid:CVE-2010-2629

LAST UPDATE DATE
2024-11-23T21:47:23.360000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2010-3981date:2010-07-08T00:00:00
db:VULHUBid:VHN-45234date:2018-10-10T00:00:00
db:BIDid:41315date:2015-04-13T21:05:00
db:JVNDBid:JVNDB-2010-004188date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201007-047date:2010-07-08T00:00:00
db:NVDid:CVE-2010-2629date:2024-11-21T01:17:02.510

SOURCES RELEASE DATE
db:CNVDid:CNVD-2010-3981date:2010-07-08T00:00:00
db:VULHUBid:VHN-45234date:2010-07-06T00:00:00
db:BIDid:41315date:2010-07-02T00:00:00
db:JVNDBid:JVNDB-2010-004188date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-201007-047date:2010-07-08T00:00:00
db:NVDid:CVE-2010-2629date:2010-07-06T17:17:13.517