CVE-2005-3427 - The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while gener

CVE-2005-3427

Summary

The Cisco Management Center (MC) for IPS Sensors (IPS MC) 2.1 can omit port field values while generating the Cisco IOS IPS configuration file, wich can cause some signatures to be disabled and makes it easier for attackers to escape detection.

References

Vulnerable Configurations

cpe:2.3:a:cisco:ciscoworks_management_center_for_ips_sensors:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_management_center_for_ips_sensors:2.1:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 11-07-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:P/A:N

refmap via4

bid	15269
cert-vn	VU#154883
cisco	20051101 Cisco IPS MC Malformed Configuration Download Vulnerability
osvdb	20444
sectrack	1015133
secunia	17397
sreason	137
vupen	ADV-2005-2266
xf	cisco-ios-ips-bypass-security(22926)

Last major update

11-07-2017 - 01:33

Published

02-11-2005 - 00:02

Last modified

11-07-2017 - 01:33