Lucene search
HistorySep 28, 2009 - 7:30 p.m.
CVE-2009-2868
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.8
Confidence
High
EPSS
0.006
Percentile
78.8%
Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
Affected configurations
Node
ciscoiosMatch12.2ex
ORciscoiosMatch12.2ira
ORciscoiosMatch12.2irb
ORciscoiosMatch12.2irc
ORciscoiosMatch12.2sb
ORciscoiosMatch12.2sca
ORciscoiosMatch12.2scb
ORciscoiosMatch12.2se
ORciscoiosMatch12.2sra
ORciscoiosMatch12.2srb
ORciscoiosMatch12.2src
ORciscoiosMatch12.2srd
ORciscoiosMatch12.2sxh
ORciscoiosMatch12.2sxi
ORciscoiosMatch12.2xna
ORciscoiosMatch12.2xnb
ORciscoiosMatch12.2xnc
ORciscoiosMatch12.2xnd
ORciscoiosMatch12.3t
ORciscoiosMatch12.3xl
ORciscoiosMatch12.3xr
ORciscoiosMatch12.3xs
ORciscoiosMatch12.3xx
ORciscoiosMatch12.3ya
ORciscoiosMatch12.3yd
ORciscoiosMatch12.3yf
ORciscoiosMatch12.3yg
ORciscoiosMatch12.3yh
ORciscoiosMatch12.3yi
ORciscoiosMatch12.3yq
ORciscoiosMatch12.3ys
ORciscoiosMatch12.3yt
ORciscoiosMatch12.3yu
ORciscoiosMatch12.3yx
ORciscoiosMatch12.3yz
ORciscoiosMatch12.4
ORciscoiosMatch12.4t
ORciscoiosMatch12.4xb
ORciscoiosMatch12.4xc
ORciscoiosMatch12.4xd
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | ios | 12.2ex | cpe:2.3:o:cisco:ios:12.2ex:*:*:*:*:*:*:* |
| cisco | ios | 12.2ira | cpe:2.3:o:cisco:ios:12.2ira:*:*:*:*:*:*:* |
| cisco | ios | 12.2irb | cpe:2.3:o:cisco:ios:12.2irb:*:*:*:*:*:*:* |
| cisco | ios | 12.2irc | cpe:2.3:o:cisco:ios:12.2irc:*:*:*:*:*:*:* |
| cisco | ios | 12.2sb | cpe:2.3:o:cisco:ios:12.2sb:*:*:*:*:*:*:* |
| cisco | ios | 12.2sca | cpe:2.3:o:cisco:ios:12.2sca:*:*:*:*:*:*:* |
| cisco | ios | 12.2scb | cpe:2.3:o:cisco:ios:12.2scb:*:*:*:*:*:*:* |
| cisco | ios | 12.2se | cpe:2.3:o:cisco:ios:12.2se:*:*:*:*:*:*:* |
| cisco | ios | 12.2sra | cpe:2.3:o:cisco:ios:12.2sra:*:*:*:*:*:*:* |
| cisco | ios | 12.2srb | cpe:2.3:o:cisco:ios:12.2srb:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2009-2868
2009-09-28 18:20:00
nessus
nessus
securityvulns
securityvulns
Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability
2009-09-23 00:00:00
Cisco IOS multiple security vulnerabilities
2009-09-24 00:00:00
cisco
cisco
Cisco IOS Software Internet Key Exchange Resource Exhaustion Vulnerability
2009-09-23 16:00:00
prion
prion
Authentication flaw
2009-09-28 19:30:00
cve
cve
CVE-2009-2868
2009-09-28 19:30:01
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.8
Confidence
High
EPSS
0.006
Percentile
78.8%
Related for NVD:CVE-2009-2868