VAR-200212-0063
Vulnerability from variot - Updated: 2025-04-03 22:40SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name. SonicWall Content Filtering software is designed for use with SonicWall Appliances. It has been reported that the SonicWall Content Filtering software does not sufficiently check addresses when requests are made. Because of this, it would be possible for a user behind the system to reach a restricted-access site by requesting the site on the basis of IP addresses. A remote attacker could exploit this vulnerability to bypass content inspection and access otherwise restricted sites
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0063",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "content filtering",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "*"
},
{
"model": "content filtering",
"scope": null,
"trust": 0.9,
"vendor": "sonicwall",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "6063"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
},
{
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marc Ruef\u203b marc.ruef@computec.ch",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
}
],
"trust": 0.6
},
"cve": "CVE-2002-2181",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-2181",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-6564",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-2181",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-313",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6564",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6564"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
},
{
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site\u0027s IP address instead of the domain name. SonicWall Content Filtering software is designed for use with SonicWall Appliances. \nIt has been reported that the SonicWall Content Filtering software does not sufficiently check addresses when requests are made. Because of this, it would be possible for a user behind the system to reach a restricted-access site by requesting the site on the basis of IP addresses. A remote attacker could exploit this vulnerability to bypass content inspection and access otherwise restricted sites",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2181"
},
{
"db": "BID",
"id": "6063"
},
{
"db": "VULHUB",
"id": "VHN-6564"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "6063",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-2181",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200212-313",
"trust": 0.7
},
{
"db": "XF",
"id": "10531",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20021029 BYPASSING WEBSITE FILTER IN SONICWALL",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3768",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-6564",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6564"
},
{
"db": "BID",
"id": "6063"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
},
{
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"id": "VAR-200212-0063",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6564"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:40:44.382000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/6063"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/297692"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10531.php"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3768"
},
{
"trust": 0.3,
"url": "http://www.sonicwall.com"
},
{
"trust": 0.3,
"url": "/archive/1/297692"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6564"
},
{
"db": "BID",
"id": "6063"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
},
{
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-6564"
},
{
"db": "BID",
"id": "6063"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
},
{
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6564"
},
{
"date": "2002-10-29T00:00:00",
"db": "BID",
"id": "6063"
},
{
"date": "2002-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-313"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-6564"
},
{
"date": "2002-10-29T00:00:00",
"db": "BID",
"id": "6063"
},
{
"date": "2006-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-313"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-2181"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SonicWall Content filtering software URL Filtering can bypass the vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "6063"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-313"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…