Lucene search
HistorySep 28, 2009 - 7:30 p.m.
CVE-2009-2863
cisco
ios
firewall
authentication
proxy
race condition
cve-2009-2863
bug id cscsy15227
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.3%
Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.
Affected configurations
Node
ciscoiosMatch12.0xk
ORciscoiosMatch12.0xr
ORciscoiosMatch12.1
ORciscoiosMatch12.1e
ORciscoiosMatch12.1ex
ORciscoiosMatch12.1t
ORciscoiosMatch12.1xc
ORciscoiosMatch12.1xh
ORciscoiosMatch12.1xi
ORciscoiosMatch12.1xj
ORciscoiosMatch12.1xm
ORciscoiosMatch12.1xp
ORciscoiosMatch12.1xr
ORciscoiosMatch12.1yb
ORciscoiosMatch12.1yd
ORciscoiosMatch12.1yf
ORciscoiosMatch12.1yi
ORciscoiosMatch12.2
ORciscoiosMatch12.2b
ORciscoiosMatch12.2bw
ORciscoiosMatch12.2cz
ORciscoiosMatch12.2dd
ORciscoiosMatch12.2ex
ORciscoiosMatch12.2ey
ORciscoiosMatch12.2fz
ORciscoiosMatch12.2ira
ORciscoiosMatch12.2irb
ORciscoiosMatch12.2irc
ORciscoiosMatch12.2ixa
ORciscoiosMatch12.2ixb
ORciscoiosMatch12.2ixc
ORciscoiosMatch12.2ixd
ORciscoiosMatch12.2ixe
ORciscoiosMatch12.2ixf
ORciscoiosMatch12.2ixg
ORciscoiosMatch12.2s
ORciscoiosMatch12.2sbc
ORciscoiosMatch12.2se
ORciscoiosMatch12.2sec
ORciscoiosMatch12.2sed
ORciscoiosMatch12.2see
ORciscoiosMatch12.2sef
ORciscoiosMatch12.2seg
ORciscoiosMatch12.2sg
ORciscoiosMatch12.2sga
ORciscoiosMatch12.2sq
ORciscoiosMatch12.2sra
ORciscoiosMatch12.2srb
ORciscoiosMatch12.2src
ORciscoiosMatch12.2su
ORciscoiosMatch12.2sx
ORciscoiosMatch12.2sxa
ORciscoiosMatch12.2sxb
ORciscoiosMatch12.2sxd
ORciscoiosMatch12.2sxe
ORciscoiosMatch12.2sxf
ORciscoiosMatch12.2sxh
ORciscoiosMatch12.2sxi
ORciscoiosMatch12.2t
ORciscoiosMatch12.2tpc
ORciscoiosMatch12.2xa
ORciscoiosMatch12.2xb
ORciscoiosMatch12.2xd
ORciscoiosMatch12.2xe
ORciscoiosMatch12.2xg
ORciscoiosMatch12.2xj
ORciscoiosMatch12.2xk
ORciscoiosMatch12.2xl
ORciscoiosMatch12.2xm
ORciscoiosMatch12.2xo
ORciscoiosMatch12.2xq
ORciscoiosMatch12.2xt
ORciscoiosMatch12.2xv
ORciscoiosMatch12.2xw
ORciscoiosMatch12.2ya
ORciscoiosMatch12.2yb
ORciscoiosMatch12.2yc
ORciscoiosMatch12.2ye
ORciscoiosMatch12.2yf
ORciscoiosMatch12.2yh
ORciscoiosMatch12.2yl
ORciscoiosMatch12.2ym
ORciscoiosMatch12.2yn
ORciscoiosMatch12.2yq
ORciscoiosMatch12.2yu
ORciscoiosMatch12.2yv
ORciscoiosMatch12.2yx
ORciscoiosMatch12.2yz
ORciscoiosMatch12.2zd
ORciscoiosMatch12.2zh
ORciscoiosMatch12.2zj
ORciscoiosMatch12.2zl
ORciscoiosMatch12.2zy
ORciscoiosMatch12.2zya
ORciscoiosMatch12.3
ORciscoiosMatch12.3b
ORciscoiosMatch12.3jk
ORciscoiosMatch12.3t
ORciscoiosMatch12.3tpc
ORciscoiosMatch12.3va
ORciscoiosMatch12.3xa
ORciscoiosMatch12.3xc
ORciscoiosMatch12.3xd
ORciscoiosMatch12.3xe
ORciscoiosMatch12.3xf
ORciscoiosMatch12.3xg
ORciscoiosMatch12.3xk
ORciscoiosMatch12.3xl
ORciscoiosMatch12.3xq
ORciscoiosMatch12.3xr
ORciscoiosMatch12.3xx
ORciscoiosMatch12.3ya
ORciscoiosMatch12.3yd
ORciscoiosMatch12.3yg
ORciscoiosMatch12.3yh
ORciscoiosMatch12.3yi
ORciscoiosMatch12.3yk
ORciscoiosMatch12.3ym
ORciscoiosMatch12.3yt
ORciscoiosMatch12.3yz
ORciscoiosMatch12.4
ORciscoiosMatch12.4mr
ORciscoiosMatch12.4t
ORciscoiosMatch12.4xa
ORciscoiosMatch12.4xd
ORciscoiosMatch12.4xe
ORciscoiosMatch12.4xf
ORciscoiosMatch12.4xj
ORciscoiosMatch12.4xk
ORciscoiosMatch12.4xt
ORciscoiosMatch12.4xv
ORciscoiosMatch12.4xw
ORciscoiosMatch12.4xy
ORciscoiosMatch12.4xz
ORciscoiosMatch12.4ya
ORciscoiosMatch12.4yb
Related
nessus
nessus
Cisco IOS Software Authentication Proxy Vulnerability - Cisco Systems
2010-09-01 00:00:00
cvelist
cvelist
CVE-2009-2863
2009-09-28 18:20:00
nvd
nvd
CVE-2009-2863
2009-09-28 19:30:01
cisco
cisco
Cisco IOS Software Authentication Proxy Vulnerability
2009-09-23 16:00:00
prion
prion
Race condition
2009-09-28 19:30:00
7.1 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:C/I:N/A:N
6.6 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
70.3%
Related for CVE-2009-2863