CVE-1999-1175

Published: Dec 31, 1999Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048.

Affected (1)

Products: Cisco: Ios

Cisco

1 product

Ios

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Ios	Up to 11.2

References (6)

http://www.ciac.org/ciac/bulletins/i-054.shtml

Source: cve@mitre.org

PatchVendor Advisory

http://www.cisco.com/warp/public/770/wccpauth-pub.shtml

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/1577

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/i-054.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.cisco.com/warp/public/770/wccpauth-pub.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/1577

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.