Vulnerability Description
The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the SEIL/X1, SEIL/X2, and SEIL/B1 routers with firmware 1.00 through 2.73, when strict mode is used, does not properly drop packets, which might allow remote attackers to bypass intended access restrictions via a spoofed IP address.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Iij | Seil\/X1 Firmware | 1.10 |
| Iij | Seil\/X1 | All versions |
| Iij | Seil\/X2 Firmware | 1.00 |
| Iij | Seil\/X2 | All versions |
| Iij | Seil\/B1 Firmware | 1.00 |
| Iij | Seil\/B1 | All versions |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN12683004/index.html
- http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000032.html
- http://secunia.com/advisories/41088
- http://www.seil.jp/seilseries/security/2010/a00875.phpVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61382
- http://jvn.jp/en/jp/JVN12683004/index.html
- http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000032.html
- http://secunia.com/advisories/41088
- http://www.seil.jp/seilseries/security/2010/a00875.phpVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61382
FAQ
What is CVE-2010-2363?
CVE-2010-2363 is a vulnerability with a CVSS score of 5.8 (MEDIUM). The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the SEIL/X1, SEIL/X2, and SEIL/B1 routers with firmware 1.00 through 2.73, when strict mode is used, does not properly drop packets, wh...
How severe is CVE-2010-2363?
CVE-2010-2363 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-2363?
Check the references section above for vendor advisories and patch information. Affected products include: Iij Seil\/X1 Firmware, Iij Seil\/X1, Iij Seil\/X2 Firmware, Iij Seil\/X2, Iij Seil\/B1 Firmware.