CVE-2003-1398

Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification).

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2003-02/0131.html
http://securitytracker.com/id?1006075
http://www.securityfocus.com/bid/6823
https://exchange.xforce.ibmcloud.com/vulnerabilities/11306
http://archives.neohapsis.com/archives/bugtraq/2003-02/0131.html
http://securitytracker.com/id?1006075
http://www.securityfocus.com/bid/6823
https://exchange.xforce.ibmcloud.com/vulnerabilities/11306

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios:12.0:::::::*
	cpe:2.3:o:cisco:ios:12.0s:::::::*
	cpe:2.3:o:cisco:ios:12.0st:::::::*
	cpe:2.3:o:cisco:ios:12.0t:::::::*
	cpe:2.3:o:cisco:ios:12.1:::::::*
	cpe:2.3:o:cisco:ios:12.1e:::::::*
	cpe:2.3:o:cisco:ios:12.1t:::::::*
	cpe:2.3:o:cisco:ios:12.2:::::::*
	cpe:2.3:o:cisco:ios:12.2e:::::::*
	cpe:2.3:o:cisco:ios:12.2f:::::::*
	cpe:2.3:o:cisco:ios:12.2s:::::::*
	cpe:2.3:o:cisco:ios:12.2t:::::::*

History

20 Nov 2024, 23:47

Type	Values Removed	Values Added
References	~~() http://archives.neohapsis.com/archives/bugtraq/2003-02/0131.html -~~	() http://archives.neohapsis.com/archives/bugtraq/2003-02/0131.html -
References	~~() http://securitytracker.com/id?1006075 -~~	() http://securitytracker.com/id?1006075 -
References	~~() http://www.securityfocus.com/bid/6823 -~~	() http://www.securityfocus.com/bid/6823 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/11306 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/11306 -

Information

Published : 2003-12-31 05:00

Updated : 2024-11-20 23:47

NVD link : CVE-2003-1398

Mitre link : CVE-2003-1398

CVE.ORG link : CVE-2003-1398

JSON object : View

Products Affected

cisco

ios

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2003-1398", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-12-31T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0131.html", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1006075", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/6823", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11306", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0131.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1006075", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/6823", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11306", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification)."}], "lastModified": "2024-11-20T23:47:02.800", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F86F790-6247-42F2-9487-3D60A2842F52"}, {"criteria": "cpe:2.3:o:cisco:ios:12.0s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C398460-3F38-4AA7-A4B1-FD8A01588DB5"}, {"criteria": "cpe:2.3:o:cisco:ios:12.0st:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBEA01D2-B985-4575-AF00-144CE2E3024D"}, {"criteria": "cpe:2.3:o:cisco:ios:12.0t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA7F94E8-86FC-456B-A7BB-57953F67F754"}, {"criteria": "cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F2F9EC5-EDA2-4C99-BBF1-2F2C92AACE95"}, {"criteria": "cpe:2.3:o:cisco:ios:12.1e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7126E176-D739-4102-8F10-1EEB8C6A219D"}, {"criteria": "cpe:2.3:o:cisco:ios:12.1t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "752C3C6B-910D-4153-A162-DF255F60306B"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2e:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E71A69-60C3-4F63-B368-A9AEE6E501A0"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD1C019A-0B91-4A3C-98DB-F467C054AA15"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D035A35-D53E-4C49-B4E4-F40B85866F27"}, {"criteria": "cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84900BB3-B49F-448A-9E04-FE423FBCCC4F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}