fkie_nvd - fkie_cve-2002-0778

fkie_cve-2002-0778

Vulnerability from fkie_nvd

Published

2002-08-12 04:00

Modified

2025-04-03 01:03

Severity ?

Summary

The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.

References

URL	Tags
cve@mitre.org	http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml	Vendor Advisory
cve@mitre.org	http://www.iss.net/security_center/static/9082.php	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/4751	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/9082.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4751	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	content_distribution_manager_4630	*
cisco	content_distribution_manager_4630	4.0
cisco	content_distribution_manager_4630	4.1
cisco	content_distribution_manager_4650	*
cisco	content_distribution_manager_4650	4.0
cisco	content_distribution_manager_4650	4.1
cisco	content_engine	507
cisco	content_engine	507_2.2.0
cisco	content_engine	507_3.1
cisco	content_engine	507_4.0
cisco	content_engine	507_4.1
cisco	content_engine	560
cisco	content_engine	560_2.2.0
cisco	content_engine	560_3.1
cisco	content_engine	560_4.0
cisco	content_engine	560_4.1
cisco	content_engine	590
cisco	content_engine	590_2.2.0
cisco	content_engine	590_3.1
cisco	content_engine	590_4.0
cisco	content_engine	590_4.1
cisco	content_engine	7320
cisco	content_engine	7320_2.2.0
cisco	content_engine	7320_3.1
cisco	content_engine	7320_4.0
cisco	content_engine	7320_4.1
cisco	enterprise_content_delivery_network_software	4.0
cisco	enterprise_content_delivery_network_software	4.1
cisco	cache_engine_505	2.4.0
cisco	cache_engine_505	3.0
cisco	cache_engine_550	*
cisco	cache_engine_550	2.2.0
cisco	cache_engine_550	2.4.0
cisco	cache_engine_550	3.0
cisco	cache_engine_570	2.2.0
cisco	cache_engine_570	2.4.0
cisco	cache_engine_570	3.0
cisco	cache_engine_570	570
cisco	content_router_4430	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:content_distribution_manager_4630:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71568B23-8055-4625-A13C-E5B9032DEEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_distribution_manager_4630:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC79750C-9CA0-4A9F-BF18-06BEF13A3F98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_distribution_manager_4630:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6766073-A568-4299-B528-3F29C5D9A421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_distribution_manager_4650:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F368653-EF5E-43EB-93CB-1CCD0FFD6FFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_distribution_manager_4650:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F52DDF6-B959-4221-834E-2371DF46BD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_distribution_manager_4650:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E842071-A161-4F02-B0CC-D3A6582D9930",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:507:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B947FCA-35E1-4F88-A8EA-7C90BBA0294F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:507_2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "899E4CF2-888D-45C9-BE3A-EFAEA031AB74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:507_3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7705CE1-4982-45AF-8CB1-271225180BAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:507_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDF9A0A5-3107-44F6-9383-A2FFE15377AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:507_4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97C1B960-F088-4486-BB87-37BBD713F184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:560:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADA1C53F-0548-47ED-8C81-534D621BC00B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:560_2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "031184D7-F962-4490-ACFD-2BBBEA25FBE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:560_3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "85526696-0617-45E2-B2DA-8AAB05F0E255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:560_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6EB111F-D6C5-4906-8316-A317B27BC599",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:560_4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3FF8F15-7851-4052-B353-76251BB55F77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:590:*:*:*:*:*:*:*",
              "matchCriteriaId": "5362FE38-A346-4959-B1B6-E4E981BF2292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:590_2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B22B2B-E5F3-4A12-AF17-F8E54756FF13",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:590_3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49C0C24A-36A3-4C25-9279-3E2F495AA59D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:590_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "359CA948-212B-49F1-A659-7E8FC2E6F845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:590_4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C84BE6AF-044E-46D6-94F4-6A9F665F62CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:7320:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2C96FD2-7C6B-4526-A3EE-0CE578526B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:7320_2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DA8998C-8D76-4D5A-842E-19DCB07AFC93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:7320_3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "41E0ADD3-EF9C-4904-83D8-AAB9729A33C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:7320_4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A206212-F490-4A31-989F-C2F4A01B1DD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_engine:7320_4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3940DE-75B0-41BF-A6B3-4D01091D7A79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_content_delivery_network_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C9A7E8B-B8A9-430B-8712-7CA4C60B349E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:enterprise_content_delivery_network_software:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2721E909-0237-4633-BAE0-758A1357B23C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_505:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E1C621-2D52-4BD1-BFD6-FA108585DAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_505:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "67221FA2-658B-4AFD-AABA-96B2A9F1CE1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_550:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "136D64BE-D843-4D78-98CC-66B7ABB615D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_550:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "688DA387-5DDE-4C39-B91F-3FBA96BEC442",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_550:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "88ABC2DC-FB9A-42EF-9F96-B68563EAE766",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_550:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "276FA49D-9757-41A9-8C76-4A721BA9CFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_570:2.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ADDC0B5-AA92-47CD-A717-8D7A5E6429AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_570:2.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A497A81D-0593-403A-BDC7-57ABD07041E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_570:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "52238E75-22DB-4678-A0AF-72D584DDB816",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:cache_engine_570:570:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FCDF964-0F7C-46EF-8D88-BC0CC1844CAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:content_router_4430:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A3BF42-76DF-47E2-A7B4-FAC4D693F493",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP."
    }
  ],
  "id": "CVE-2002-0778",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-08-12T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/9082.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4751"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/9082.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4751"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2002-0778 (GCVE-0-2002-0778)

Vulnerability from cvelistv5

Published

2003-04-02 05:00