CVE-2007-2688

Published May 16, 2007

Last updated 6 years ago

CVSS info 7.8

Overview

Description: The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B82862D-C006-4846-987B-F8FB113DF984"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C36B2596-ECC6-47B6-9BB6-95F903281EFC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "225CF995-082E-47CD-8673-F8F9832DA6E2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(6\\)p1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2AEC4E54-69C0-4115-8F57-6B25694BA07D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EC9FE98-33D1-4072-A9AE-91E014227599"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1a\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC14025-7D62-4264-A898-5085E0227F79"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1b\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44C6A1AB-7598-4477-AB3D-4648813855FB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1c\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E703CAFC-2ED8-4B71-8559-593BF46EE568"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1d\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE533A9E-2868-4C66-8ADD-D1785FFD4726"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1e\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34E4B9CD-D564-4FB4-BE61-B5E61E8847D7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(p1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "344A1DD4-8A6B-46CF-B334-CE809932C7F4"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79528F96-FD42-4A76-82EE-4B1324D53B5F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:11.1cc:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5F31EAA-F76F-4182-B90D-6997E52EEB25"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33CCFFC6-9D26-4C39-AF76-0B8FCDE743CF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C398460-3F38-4AA7-A4B1-FD8A01588DB5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBEA01D2-B985-4575-AF00-144CE2E3024D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA7F94E8-86FC-456B-A7BB-57953F67F754"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7126E176-D739-4102-8F10-1EEB8C6A219D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "752C3C6B-910D-4153-A162-DF255F60306B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84900BB3-B49F-448A-9E04-FE423FBCCC4F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References