Vulnerabilities > CVE-1999-1582 - Unspecified vulnerability in Cisco PIX Firewall

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

cisco

NVD

Published: 1998-07-15

Updated: 2017-07-11

Summary

By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco PIX Firewall *	1

References

http://www.cisco.com/warp/public/707/pixest-pub.shtml
http://www.kb.cert.org/vuls/id/6733
https://exchange.xforce.ibmcloud.com/vulnerabilities/8052