CVE-2011-0348
Last modified
CVE-2011-0348 is a vulnerability of currently unknown severity. Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917.. EPSS estimates a 2.27% chance of exploitation in the next 30 days.
Description
Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote attackers to bypass intended access restrictions and intended billing restrictions by sending HTTP traffic to a restricted destination after sending HTTP traffic to an unrestricted destination, aka Bug ID CSCtk35917.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.4\(11\)md |
| Cisco | Ios | 12.4\(15\)md |
| Cisco | Ios | 12.4\(22\)md |
| Cisco | Ios | 12.4\(22\)mda |
| Cisco | Ios | 12.4\(24\)md |
| Cisco | Ios | 12.4\(24\)md1 |
| Cisco | Ios | 12.4\(24\)mda |
References
- http://secunia.com/advisories/43052Vendor Advisory
- http://secunia.com/advisories/43052Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-0348?
How severe is CVE-2011-0348?
How do I fix CVE-2011-0348?
Are you affected by CVE-2011-0348?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST