CVE-2012-3063
Published Jun 20, 2012
Last updated 12 years ago
Overview
- Description
- Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode is enabled, does not properly share a management IP address among multiple contexts, which allows remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances, and read or modify configuration settings, via a login attempt to a context, aka Bug ID CSCts30631, a different vulnerability than CVE-2012-3058.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.1
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-362
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "601952FD-E7DF-40F9-94B0-36282CFABF94",
"versionEndIncluding": "a4\\(2.0\\)"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a1\\(7\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D224D965-E0E4-4378-B22F-97EDE52E8F7F"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a1\\(7a\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6DCA3ED-54C1-41AA-A122-78D35E5FE075"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a1\\(7b\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D0BD8DA-FE6A-422A-B5B2-B47F66F11C66"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a1\\(8\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6395801F-58D4-40DF-A6B7-49E13C9FD6A5"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a1\\(8a\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D87A6F96-E8B7-4F8D-A655-D20FA351D596"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(1.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7863207-48D0-4BEE-A5D5-149F75B67FB5"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(2.1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "686ABAC2-F87F-4171-86B9-340D166F3D70"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(2.2\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E97F5C1-57D0-43A8-8BF7-14374BB8087C"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(2.3\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24CA0A33-C8B0-4B60-A8E7-F88C58307DEE"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(2.4\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C52B749E-BEF8-45FA-A133-02A349F61004"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(2.5\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9C5D103A-C08C-4B46-93C1-2231B1071BD1"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(2.6\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D0FF7B0-049E-4078-BDB9-E8D262507D2B"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a3\\(2.7\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B868F36-19B8-4503-80FC-D8F476F563E1"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a4\\(1.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1A7D415C-D321-454B-8480-384A50BF57CC"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a4\\(1.1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F67F38F5-27F1-412D-A459-5EBC21DAC212"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a4\\(2.1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62809902-3704-4EEA-BFC4-4D13DCD39B3A"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a4\\(2.2\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D9878AB-E068-4A29-9420-65D93FB5BBBF"
},
{
"criteria": "cpe:2.3:a:cisco:application_control_engine_software:a5\\(1.0\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B30ACF96-F3BB-48C6-8CC8-06305F04D137"
}
],
"operator": "OR"
}
]
}
]