Authentication Bypass Vulnerability in Cisco Content Services Switch 11500
CVE-2010-1575

Currently unrated

Key Information:

Vendor
Cisco
CVE Published:
6 July 2010

Summary

The Cisco Content Services Switch (CSS) 11500 with software version 08.20.1.01 is susceptible to an authentication bypass vulnerability. The issue lies in how the device handles ClientCert-* headers, which are used for authentication: the CSS does not properly delete ClientCert-* headers supplied by the client. As a result, a remote attacker may be able to craft header data that bypasses the intended authentication mechanisms. One example is a client-supplied ClientCert-Subject-CN header, which can allow unauthorized access. For details, refer to advisories from security channels that discuss similar vulnerabilities.
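
The mitigation implied by the summary, as an added example that is not Cisco's code or configuration: a TLS-terminating front end drops every client-supplied ClientCert-* header and then sets the headers itself from the certificate it validated. The function names, the verified_fields layout and the sample request are assumptions made for illustration; treating "_" like "-" is an extra hardening choice for backends that fold the two together.

```python
# Added example: strip client-supplied ClientCert-* headers at the TLS terminator.
# All names and the sample request are constructed for illustration.
PREFIX = "clientcert-"


def _canonical(name):
    # CGI/WSGI-style backends fold '_' and '-' together, so treat them alike.
    return name.strip().lower().replace("_", "-")


def sanitize_headers(client_headers, verified_fields):
    """Build the header list forwarded to the backend.

    client_headers  -- list of (name, value) pairs exactly as the client sent them
    verified_fields -- dict like {"Subject-CN": "alice"} taken from the certificate
                       the TLS layer validated, or None when none was presented
    Returns (forwarded, dropped_names).
    """
    forwarded, dropped = [], []
    for name, value in client_headers:
        if _canonical(name).startswith(PREFIX):
            dropped.append(name)  # never trust the client's copy
        else:
            forwarded.append((name, value))
    for suffix, value in (verified_fields or {}).items():
        if any(c in value for c in "\r\n\0"):
            raise ValueError("control character in certificate field " + suffix)
        forwarded.append(("ClientCert-" + suffix, value))
    return forwarded, dropped


# Constructed request: the client sends its own ClientCert-* headers in several spellings.
SAMPLE_REQUEST = [
    ("Host", "app.example.test"),
    ("ClientCert-Subject-CN", "admin"),
    ("clientcert-subject-cn", "admin"),
    ("ClientCert_Subject_CN", "admin"),
    ("Accept", "*/*"),
]

if __name__ == "__main__":
    # No client certificate: the backend must see no ClientCert-* header at all.
    print(sanitize_headers(SAMPLE_REQUEST, None))
    # Valid certificate for "alice": only the verified value is forwarded.
    print(sanitize_headers(SAMPLE_REQUEST, {"Subject-CN": "alice"}))
```

The dropped list is worth logging: a request that arrives with its own ClientCert-* headers is a useful detection signal on the front end.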
