CVE-2010-2823

Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:cisco:ace_4710::::::::
	cpe:2.3:h:cisco:ace_4710:a1\(2.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a1\(8.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a3\(1.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a3\(2.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a3\(2.5\):::::::*

History

No history.

Information

Published : 2010-08-17 05:41

Updated : 2023-12-10 11:03

NVD link : CVE-2010-2823

Mitre link : CVE-2010-2823

CVE.ORG link : CVE-2010-2823

JSON object : View

Products Affected

cisco

ace_4710

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-2823", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-08-17T05:41:21.520", "references": [{"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en la funcionalidad \"deep packet inspection\" de \"Cisco Application Control Engine\" (ACE) 4710 appliance con software anterior a A3(2.6) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (sobrecarga del dispositivo) a trav\u00e9s de paquetes HTTP modificados, relacionado con la inspecci\u00f3n HTTP, RTSP, y SIP. Tambi\u00e9n conocido como Bug ID CSCtb54493."}], "lastModified": "2011-07-26T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBFD21CF-CC38-477F-A78B-10CFEFF81E0A"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a1\\(2.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142B1472-4694-436F-85C0-52B6A9CFCA64"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a1\\(8.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A421567F-1772-46DC-9FBA-E0072DC6B7C6"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a3\\(1.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F3BDA08-1786-46AD-93B3-C374BE1AC949"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a3\\(2.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F635AF1-AFC0-420A-8227-0B161C9D15CB"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a3\\(2.5\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A2481D0-BEAA-4147-B631-DFEA3E0C441E"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}