CVE-2009-2862
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/09/2009
Last modified:
09/04/2025
Description
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:12.2xnb:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xnc:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xnd:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.4md:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.4xz:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.4ya:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://osvdb.org/58338
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
- http://www.securityfocus.com/bid/36495
- http://www.securitytracker.com/id?1022933=
- http://www.vupen.com/english/advisories/2009/2759
- http://osvdb.org/58338
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
- http://www.securityfocus.com/bid/36495
- http://www.securitytracker.com/id?1022933=
- http://www.vupen.com/english/advisories/2009/2759