CVE-2010-2822

Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6), allows remote attackers to cause a denial of service (device reload) via crafted RTSP packets over TCP, aka Bug IDs CSCta85227 and CSCtg14858.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:cisco:ace_4710::::::::
	cpe:2.3:h:cisco:ace_4710:a1\(2.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a1\(8.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a3\(1.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a3\(2.0\):::::::*
	cpe:2.3:h:cisco:ace_4710:a3\(2.5\):::::::*

Configuration 2 (hide)

AND

cpe:2.3:h:cisco:ace_module:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:catalyst_6500::::::::
	cpe:2.3:h:cisco:catalyst_7600::::::::

History

21 Nov 2024, 01:17

Type	Values Removed	Values Added
References	~~() http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml - Vendor Advisory~~	() http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml - Vendor Advisory

Information

Published : 2010-08-17 05:41

Updated : 2024-11-21 01:17

NVD link : CVE-2010-2822

Mitre link : CVE-2010-2822

CVE.ORG link : CVE-2010-2822

JSON object : View

Products Affected

cisco

catalyst_7600
ace_4710
catalyst_6500
ace_module

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-2822", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-08-17T05:41:21.487", "references": [{"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6), allows remote attackers to cause a denial of service (device reload) via crafted RTSP packets over TCP, aka Bug IDs CSCta85227 and CSCtg14858."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en la funcionalidad de inspecci\u00f3n RTSP del m\u00f3dulo \"Cisco Application Control Engine\" (ACE) con software anterior a A2(3.2) de Catalyst 6500 series switches y 7600 series routers, y el \"Cisco Application Control Engine\" (ACE) 4710 appliance con software anterior a A3(2.6), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de paquetes RTSP sobre TCP. Tambi\u00e9n conocido como Bug IDs CSCta85227 y CSCtg14858."}], "lastModified": "2024-11-21T01:17:26.563", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBFD21CF-CC38-477F-A78B-10CFEFF81E0A"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a1\\(2.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142B1472-4694-436F-85C0-52B6A9CFCA64"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a1\\(8.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A421567F-1772-46DC-9FBA-E0072DC6B7C6"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a3\\(1.0\\):*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8F3BDA08-1786-46AD-93B3-C374BE1AC949"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a3\\(2.0\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F635AF1-AFC0-420A-8227-0B161C9D15CB"}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a3\\(2.5\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A2481D0-BEAA-4147-B631-DFEA3E0C441E"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ace_module:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "152B69CD-BCC3-42FF-97AC-072BFDA0AF1A", "versionEndIncluding": "a2\\(3.1.0\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C8D63186-5834-448C-98F2-0C189A11D25D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}