HIGH✓ PATCH🇬🇧 English

CVE-2010-1575

CVSS 7.5v2.0pub. 2010-07-06upd. 2026-04-29

The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Cisco Content Services Switch 11500

    HW
    Cisco
    08.20.1.01
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2010-1576HIGH7.5ten sam produkt

The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engin...

CVE-2010-2629HIGH7.5ten sam produkt

The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE)...

CVE-2015-0667MEDIUM5.0ten sam produkt

The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows rem...

CVE-2006-1631MEDIUM5.0ten sam produkt

Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services swi...

CVE-2005-3426MEDIUM5.0ten sam produkt

Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a...