Vulnerability Report

CVE-2001-1087

Title: NetCache config.http.tunnel.allow_ports = +all allows arbitrary port connections

Unauthorized network access

Proof Of Concept

No public PoC currently indexed for CVE-2001-1087.

CWE Category NVD-CWE-noinfo

Published Date Jul 05, 2001

Modified Date Apr 03, 2025

Exploit Status Not Found

Score 7.5 CVSS v2.0

Exploit Probability (EPSS)

0.72%

Vulnerability Summary

CVE-2001-1087: The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.

Impacted Vendors

network_appliance 1

Reference Links

http://www.securityfocus.com/archive/1/195176 http://www.securityfocus.com/bid/2990 https://exchange.xforce.ibmcloud.com/vulnerabilities/6807 http://www.securityfocus.com/archive/1/195176 http://www.securityfocus.com/bid/2990 https://exchange.xforce.ibmcloud.com/vulnerabilities/6807

CVSS v2.0

Source Entity [email protected]

Severity HIGH

7.5

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:P/I:P/A:P

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2001-1087 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

July 05, 2001 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Stack

No specific products linked.