CVE-2009-2862

Опубликовано: 28 сент. 2009

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.

Ссылки

http://osvdb.org/58338
Broken Link
http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
Vendor Advisory
http://www.securityfocus.com/bid/36495
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1022933
Broken Link
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2009/2759
Permissions Required
http://osvdb.org/58338
Broken Link
http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
Vendor Advisory
http://www.securityfocus.com/bid/36495
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1022933
Broken Link
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2009/2759
Permissions Required

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:cisco:ios:12.2xnb:*:*:*:*:*:*:*

cpe:2.3:o:cisco:ios:12.2xnc:*:*:*:*:*:*:*

cpe:2.3:o:cisco:ios:12.2xnd:*:*:*:*:*:*:*

cpe:2.3:o:cisco:ios:12.4md:*:*:*:*:*:*:*

cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:*

cpe:2.3:o:cisco:ios:12.4xz:*:*:*:*:*:*:*

cpe:2.3:o:cisco:ios:12.4ya:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00521

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-jv67-6q9j-gjmg

github

почти 4 года назад