CVE-1999-1175

Name of the Vulnerable Software and Affected Versions Cisco Cache Engine for Cisco IOS versions prior to 11.2

Description The issue concerns the Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS, which does not utilize authentication. This lack of authentication allows remote attackers to redirect HTTP traffic to arbitrary hosts by sending WCCP packets to UDP port 2048.

Recommendations For Cisco Cache Engine for Cisco IOS versions prior to 11.2, consider implementing authentication for WCCP to prevent unauthorized redirection of HTTP traffic. As a temporary workaround, restrict access to UDP port 2048 to minimize the risk of exploitation.