CVE-1999-1582

high Cisco
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
2.3%
Exploitation probability in 30 days
Top 15% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: July 15, 1998 (10165 days ago)
Last Modified: April 16, 2026
Vendor: Cisco
Source: NVD

Description

By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality.

CWE

NVD-CWE-Other

Affected Products

cisco pix firewall

References

🔗 www.cisco.com 🔗 www.kb.cert.org 🔗 exchange.xforce.ibmcloud.com 🔗 www.cisco.com 🔗 www.kb.cert.org