CVE-2010-2363
Severity CVSS v4.0:
Pending analysis
Type:
CWE-264
Permissions, Privileges, and Access Control
Publication date:
30/08/2010
Last modified:
11/04/2025
Description
The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the SEIL/X1, SEIL/X2, and SEIL/B1 routers with firmware 1.00 through 2.73, when strict mode is used, does not properly drop packets, which might allow remote attackers to bypass intended access restrictions via a spoofed IP address.
Impact
Base Score 2.0
5.80
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:iij:seil\/x1_firmware:1.10:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.11:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.20:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.21:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.22:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.30:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.31:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.32:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.40:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.41:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.43:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:1.44:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:2.10:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:2.20:*:*:*:*:*:*:* | ||
cpe:2.3:a:iij:seil\/x1_firmware:2.30:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://jvn.jp/en/jp/JVN12683004/index.html
- http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000032.html
- http://secunia.com/advisories/41088
- http://www.seil.jp/seilseries/security/2010/a00875.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61382
- http://jvn.jp/en/jp/JVN12683004/index.html
- http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000032.html
- http://secunia.com/advisories/41088
- http://www.seil.jp/seilseries/security/2010/a00875.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61382