CVE-2006-2322

Name of the Vulnerable Software and Affected Versions Cisco Application Velocity System (AVS) 3110 versions 4.0 and earlier, 5.0 Cisco Application Velocity System (AVS) 3120 versions 5.0.0 and earlier

Description The transparent proxy feature of the Cisco Application Velocity System has a default configuration that allows remote attackers to proxy arbitrary TCP connections.

Recommendations For Cisco Application Velocity System (AVS) 3110 versions 4.0 and earlier, 5.0, consider reconfiguring the transparent proxy feature to restrict arbitrary TCP connections. For Cisco Application Velocity System (AVS) 3120 versions 5.0.0 and earlier, consider reconfiguring the transparent proxy feature to restrict arbitrary TCP connections. At the moment, there is no information about a newer version that contains a fix for this vulnerability.