CVE-2006-4352
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
La funcionalidad de cookies ArrowPoint para los Conmutadores de Servicio de Contenidos (Content Service Switches) Cisco serie 11000 especifica una dirección IP interna si el administrador no especifica una cadena de opción, lo que permite a atacantes remotos obtener información sensible.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-08-24 CVE Reserved
- 2006-08-25 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.cisco.com/warp/public/117/AP_cookies.html | X_refsource_misc |
|
| URL | Date | SRC |
|---|---|---|
| http://www.osvdb.org/28121 | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Content Services Switch 11000 Search vendor "Cisco" for product "Content Services Switch 11000" | * | - |
Affected
| ||||||