Vulnerability Details CVE-2009-2862
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.9%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/58338
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
- http://www.securityfocus.com/bid/36495
- http://www.securitytracker.com/id?1022933
- http://www.vupen.com/english/advisories/2009/2759
- http://osvdb.org/58338
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
- http://www.securityfocus.com/bid/36495
- http://www.securitytracker.com/id?1022933
- http://www.vupen.com/english/advisories/2009/2759
Products affected by CVE-2009-2862
-
cpe:2.3:o:cisco:ios:12.2xnb
-
cpe:2.3:o:cisco:ios:12.2xnc
-
cpe:2.3:o:cisco:ios:12.2xnd
-
cpe:2.3:o:cisco:ios:12.4md
-
cpe:2.3:o:cisco:ios:12.4t
-
cpe:2.3:o:cisco:ios:12.4xz
-
cpe:2.3:o:cisco:ios:12.4ya