CVE-2009-2862
Published Sep 28, 2009
Last updated 2 years ago
Overview
- Description
- The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xnb:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17AA0C3D-7C96-4D2E-91E5-232536245ABF"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xnc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D57ACB3-4ADC-4FBE-BA46-395F277B9997"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xnd:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2916FA5-1FFF-48FB-A079-693AD3444CC1"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4md:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2222EED-6CB2-4D18-8AF5-FAE55BC6213F"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEAD7398-D1B2-47FB-952D-8C3162D5A363"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4xz:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4963A243-74FA-43AD-9645-C9FAD527A6E1"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4ya:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31C6EACA-35BE-4032-93DA-5F738AEE0F4A"
}
],
"operator": "OR"
}
]
}
]