Information Disclosure Vulnerability in Cisco Content Service Switches
CVE-2006-4352

Currently unrated

Key Information:

Vendor: Cisco
Status: Content Services Switch 11000
Vendor: CVE Published:; 25 August 2006

What is CVE-2006-4352?

The ArrowPoint cookie functionality implemented in Cisco 11000 series Content Service Switches may expose sensitive information. If an administrator neglects to specify a string option, the switch can default to revealing an internal IP address. This oversight can be exploited by remote attackers, potentially leading to data leakage and other security implications.

References

http://www.osvdb.org/28121

vdb-entryx_refsource_OSVDB

http://www.cisco.com/warp/public/117/AP_cookies.html

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 25, 2006