PT-2011-2287 · Cisco · Cisco Ios
Published
2011-01-28
·
Updated
2017-08-17
·
CVE-2011-0348
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco IOS versions 12.4(11)MD through 12.4(24)MD before 12.4(24)MD3
Cisco IOS versions 12.4(22)MDA before 12.4(22)MDA5
Cisco IOS versions 12.4(24)MDA before 12.4(24)MDA3
Description
The issue allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination.
Recommendations
For versions 12.4(11)MD through 12.4(24)MD before 12.4(24)MD3, update to version 12.4(24)MD3 or later.
For versions 12.4(22)MDA before 12.4(22)MDA5, update to version 12.4(22)MDA5 or later.
For versions 12.4(24)MDA before 12.4(24)MDA3, update to version 12.4(24)MDA3 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Ios