Description
The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.
Products
- Cisco Content Distribution Manager 4630
- Cisco Content Distribution Manager 4630
- Cisco Content Distribution Manager 4630 4.0
- Cisco Content Distribution Manager 4630 4.1
- Cisco Content Distribution Manager 4650
- Cisco Content Distribution Manager 4650
- Cisco Content Distribution Manager 4650 4.0
- Cisco Content Distribution Manager 4650 4.1
- Cisco Content Engine 507
- Cisco Content Engine 507 2.2.0
- Cisco Content Engine 507 3.1
- Cisco Content Engine 507 4.0
- Cisco Content Engine 507 4.1
- Cisco Content Engine 560
- Cisco Content Engine 560 2.2.0
- Cisco Content Engine 560 3.1
- Cisco Content Engine 560 4.0
- Cisco Content Engine 560 4.1
- Cisco Content Engine 590
- Cisco Content Engine 590 2.2.0
- Cisco Content Engine 590 3.1
- Cisco Content Engine 590 4.0
- Cisco Content Engine 590 4.1
- Cisco Content Engine 7320
- Cisco Content Engine 7320 2.2.0
- Cisco Content Engine 7320 3.1
- Cisco Content Engine 7320 4.0
- Cisco Content Engine 7320 4.1
- Cisco Enterprise Content Delivery Network (ECDN) Software 4.0
- Cisco Enterprise Content Delivery Network (ECDN) Software 4.1
- Cisco Cache Engine 505 4.0
- Cisco Cache Engine 505 3.0
- Cisco Cache Engine 550
- Cisco Cache Engine 505
- Cisco Cache Engine 505 2.2.0
- Cisco Cache Engine 550 4.0
- Cisco Cache Engine 550 3.0
- Cisco Cache Engine 570 2.2.0
- Cisco Cache Engine 570 4.0
- Cisco Cache Engine 570 3.0
- Cisco Cache Engine 570
- Cisco Content Router 4430
- Cisco Content Router 4430
Questions to Ask Vendors
- Can you confirm whether your systems are affected by CVE-2002-0778, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2002-0778 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions
- Check out the advisory links provided below.
References