Details of VAR-202001-0112

ID

VAR-202001-0112

CVE

CVE-2012-1326

TITLE

Cisco IronPort Web Security Appliance Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2012-006562

DESCRIPTION

Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks. When there is an error in verifying the \"basicConstraints\" parameter of the certificate in the certificate chain, it can be used to forge the certificate of any domain and obtain the encrypted information through the man-in-the-middle attack. Successfully exploiting these issues will allow attackers to bypass security restrictions and perform unauthorized actions. The program offers features such as Web Reputation Filter (WBRS) and anti-malware scanning engine. The vulnerability is caused by the program not properly handling SSL and TLS security certificates. A remote attacker can exploit this vulnerability to implement a man-in-the-middle attack

Trust: 2.52

sources: NVD: CVE-2012-1326 // JVNDB: JVNDB-2012-006562 // CNVD: CNVD-2012-1836 // BID: 52981 // VULHUB: VHN-54607

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2012-1836

AFFECTED PRODUCTS

vendor:	cisco	model:	ironport web security appliance	scope:	lte	version:	7.5	Trust: 1.8
vendor:	cisco	model:	ironport web security appliance	scope:	eq	version:	7.x	Trust: 0.6

sources: CNVD: CNVD-2012-1836 // JVNDB: JVNDB-2012-006562 // NVD: CVE-2012-1326

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-1326
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-1326
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201204-137
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-54607
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-1326
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-54607
severity:	MEDIUM
baseScore:	5.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2012-1326
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	5.2
version:	3.1
Trust: 1.0
NVD:	CVE-2012-1326
baseSeverity:	HIGH
baseScore:	7.4
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-54607 // JVNDB: JVNDB-2012-006562 // CNNVD: CNNVD-201204-137 // NVD: CVE-2012-1326

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-54607 // JVNDB: JVNDB-2012-006562 // NVD: CVE-2012-1326

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201204-137

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201204-137

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-006562

PATCH

title:

Cisco-SA-20120412-CVE-2012-1326

url:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-1326

Trust: 0.8

sources: JVNDB: JVNDB-2012-006562

EXTERNAL IDS

db:	NVD	id:	CVE-2012-1326	Trust: 3.4
db:	BID	id:	52981	Trust: 2.0
db:	JVNDB	id:	JVNDB-2012-006562	Trust: 0.8
db:	CNNVD	id:	CNNVD-201204-137	Trust: 0.7
db:	CNVD	id:	CNVD-2012-1836	Trust: 0.6
db:	VULHUB	id:	VHN-54607	Trust: 0.1

sources: CNVD: CNVD-2012-1836 // VULHUB: VHN-54607 // BID: 52981 // JVNDB: JVNDB-2012-006562 // CNNVD: CNNVD-201204-137 // NVD: CVE-2012-1326

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120412-cve-2012-1326	Trust: 1.7
url:	http://www.securityfocus.com/bid/52981	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1326	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1326	Trust: 0.8
url:	http://www.secureworks.com/research/threats/transitive-trust/http	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps10164/index.html	Trust: 0.3
url:	http://www.secureworks.com/research/threats/transitive-trust/	Trust: 0.3

sources: CNVD: CNVD-2012-1836 // VULHUB: VHN-54607 // BID: 52981 // JVNDB: JVNDB-2012-006562 // CNNVD: CNNVD-201204-137 // NVD: CVE-2012-1326

CREDITS

Jeff Jarmoc

Trust: 0.3

sources: BID: 52981

SOURCES

db:	CNVD	id:	CNVD-2012-1836
db:	VULHUB	id:	VHN-54607
db:	BID	id:	52981
db:	JVNDB	id:	JVNDB-2012-006562
db:	CNNVD	id:	CNNVD-201204-137
db:	NVD	id:	CVE-2012-1326

LAST UPDATE DATE

2024-08-14T13:25:09.307000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2012-1836	date:	2012-04-12T00:00:00
db:	VULHUB	id:	VHN-54607	date:	2020-01-23T00:00:00
db:	BID	id:	52981	date:	2012-04-11T00:00:00
db:	JVNDB	id:	JVNDB-2012-006562	date:	2020-02-06T00:00:00
db:	CNNVD	id:	CNNVD-201204-137	date:	2020-05-09T00:00:00
db:	NVD	id:	CVE-2012-1326	date:	2020-01-23T03:27:13.747

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2012-1836	date:	2012-04-12T00:00:00
db:	VULHUB	id:	VHN-54607	date:	2020-01-15T00:00:00
db:	BID	id:	52981	date:	2012-04-11T00:00:00
db:	JVNDB	id:	JVNDB-2012-006562	date:	2020-02-06T00:00:00
db:	CNNVD	id:	CNNVD-201204-137	date:	2012-04-12T00:00:00
db:	NVD	id:	CVE-2012-1326	date:	2020-01-15T14:15:11.700