Vulnerability Details CVE-2012-3063
Cisco Application Control Engine (ACE) before A4(2.3) and A5 before A5(1.1), when multicontext mode is enabled, does not properly share a management IP address among multiple contexts, which allows remote authenticated administrators to bypass intended access restrictions in opportunistic circumstances, and read or modify configuration settings, via a login attempt to a context, aka Bug ID CSCts30631, a different vulnerability than CVE-2012-3058.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.9%
CVSS Severity
CVSS v2 Score 7.1
References
Products affected by CVE-2012-3063
-
cpe:2.3:a:cisco:application_control_engine_software:a1(7)
-
cpe:2.3:a:cisco:application_control_engine_software:a1(7a)
-
cpe:2.3:a:cisco:application_control_engine_software:a1(7b)
-
cpe:2.3:a:cisco:application_control_engine_software:a1(8)
-
cpe:2.3:a:cisco:application_control_engine_software:a1(8a)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(1.0)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(2.1)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(2.2)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(2.3)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(2.4)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(2.5)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(2.6)
-
cpe:2.3:a:cisco:application_control_engine_software:a3(2.7)
-
cpe:2.3:a:cisco:application_control_engine_software:a4(1.0)
-
cpe:2.3:a:cisco:application_control_engine_software:a4(1.1)
-
cpe:2.3:a:cisco:application_control_engine_software:a4(2.0)
-
cpe:2.3:a:cisco:application_control_engine_software:a4(2.1)
-
cpe:2.3:a:cisco:application_control_engine_software:a4(2.2)
-
cpe:2.3:a:cisco:application_control_engine_software:a5(1.0)