Vulnerability Details CVE-2006-2322
The transparent proxy feature of the Cisco Application Velocity System (AVS) 3110 5.0 and 4.0 and earlier, and 3120 5.0.0 and earlier, has a default configuration that allows remote attackers to proxy arbitrary TCP connections, aka Bug ID CSCsd32143.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.7%
CVSS Severity
CVSS v2 Score 6.4
References
- http://secunia.com/advisories/20079
- http://securitytracker.com/id?1016056
- http://www.cisco.com/warp/public/707/cisco-sa-20060510-avs.shtml
- http://www.osvdb.org/25459
- http://www.securityfocus.com/bid/17937
- http://www.vupen.com/english/advisories/2006/1762
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26351
- http://secunia.com/advisories/20079
- http://securitytracker.com/id?1016056
- http://www.cisco.com/warp/public/707/cisco-sa-20060510-avs.shtml
- http://www.osvdb.org/25459
- http://www.securityfocus.com/bid/17937
- http://www.vupen.com/english/advisories/2006/1762
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26351
Products affected by CVE-2006-2322
-
cpe:2.3:h:cisco:application_velocity_system_3110:4.0
-
cpe:2.3:h:cisco:application_velocity_system_3110:5.0
-
cpe:2.3:h:cisco:application_velocity_system_3120:5.0