VAR-202001-0112
Vulnerability from variot - Updated: 2024-08-14 13:25Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks. When there is an error in verifying the \"basicConstraints\" parameter of the certificate in the certificate chain, it can be used to forge the certificate of any domain and obtain the encrypted information through the man-in-the-middle attack. Successfully exploiting these issues will allow attackers to bypass security restrictions and perform unauthorized actions. The program offers features such as Web Reputation Filter (WBRS) and anti-malware scanning engine. The vulnerability is caused by the program not properly handling SSL and TLS security certificates. A remote attacker can exploit this vulnerability to implement a man-in-the-middle attack
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0112",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ironport web security appliance",
"scope": "lte",
"trust": 1.8,
"vendor": "cisco",
"version": "7.5"
},
{
"model": "ironport web security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:ironport_web_security_appliance",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jeff Jarmoc",
"sources": [
{
"db": "BID",
"id": "52981"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1326",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2012-1326",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-54607",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2012-1326",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2012-1326",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2012-1326",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2012-1326",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201204-137",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54607",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54607"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-137"
},
{
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks. When there is an error in verifying the \\\"basicConstraints\\\" parameter of the certificate in the certificate chain, it can be used to forge the certificate of any domain and obtain the encrypted information through the man-in-the-middle attack. \nSuccessfully exploiting these issues will allow attackers to bypass security restrictions and perform unauthorized actions. The program offers features such as Web Reputation Filter (WBRS) and anti-malware scanning engine. The vulnerability is caused by the program not properly handling SSL and TLS security certificates. A remote attacker can exploit this vulnerability to implement a man-in-the-middle attack",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1326"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "VULHUB",
"id": "VHN-54607"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1326",
"trust": 3.4
},
{
"db": "BID",
"id": "52981",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201204-137",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2012-1836",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54607",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"db": "VULHUB",
"id": "VHN-54607"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-137"
},
{
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"id": "VAR-202001-0112",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"db": "VULHUB",
"id": "VHN-54607"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1836"
}
]
},
"last_update_date": "2024-08-14T13:25:09.307000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco-SA-20120412-CVE-2012-1326",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20120412-CVE-2012-1326"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54607"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120412-cve-2012-1326"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/52981"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1326"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1326"
},
{
"trust": 0.6,
"url": "http://www.secureworks.com/research/threats/transitive-trust/http"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/ps10164/index.html"
},
{
"trust": 0.3,
"url": "http://www.secureworks.com/research/threats/transitive-trust/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"db": "VULHUB",
"id": "VHN-54607"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-137"
},
{
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"db": "VULHUB",
"id": "VHN-54607"
},
{
"db": "BID",
"id": "52981"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"db": "CNNVD",
"id": "CNNVD-201204-137"
},
{
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"date": "2020-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-54607"
},
{
"date": "2012-04-11T00:00:00",
"db": "BID",
"id": "52981"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"date": "2012-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-137"
},
{
"date": "2020-01-15T14:15:11.700000",
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-04-12T00:00:00",
"db": "CNVD",
"id": "CNVD-2012-1836"
},
{
"date": "2020-01-23T00:00:00",
"db": "VULHUB",
"id": "VHN-54607"
},
{
"date": "2012-04-11T00:00:00",
"db": "BID",
"id": "52981"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-006562"
},
{
"date": "2020-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201204-137"
},
{
"date": "2020-01-23T03:27:13.747000",
"db": "NVD",
"id": "CVE-2012-1326"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-137"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IronPort Web Security Appliance Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-006562"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201204-137"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…