cvelistv5 - cve-2009-0062

cve-2009-0062

Vulnerability from cvelistv5

Published

2009-02-05 00:00

Modified

2024-08-07 04:24

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://secunia.com/advisories/33749
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml	Vendor Advisory
ykramarz@cisco.com	http://www.securityfocus.com/bid/33608
ykramarz@cisco.com	http://www.securitytracker.com/id?1021678
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33749
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33608
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021678

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:17.028Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
          },
          {
            "name": "33608",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33608"
          },
          {
            "name": "33749",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33749"
          },
          {
            "name": "1021678",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1021678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-02-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-10T10:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
        },
        {
          "name": "33608",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33608"
        },
        {
          "name": "33749",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33749"
        },
        {
          "name": "1021678",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1021678"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0062",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
            },
            {
              "name": "33608",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33608"
            },
            {
              "name": "33749",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33749"
            },
            {
              "name": "1021678",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1021678"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-0062",
    "datePublished": "2009-02-05T00:00:00",
    "dateReserved": "2009-01-07T00:00:00",
    "dateUpdated": "2024-08-07T04:24:17.028Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D797EE92-8C85-4C83-A96A-DF1922712742\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2.173.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7116274D-F131-42CC-99DA-F22CC39E4525\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E96B28A-CF63-48C9-8B8E-8BC432A6A5EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2.173.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75E04EA5-F134-4930-97CB-BD68484403FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC1E1F40-ECB6-42FB-838E-998B1893D5CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"57C6B8CB-9277-463B-84EB-AEF36EE40E7B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), y Cisco Catalyst 3750 Integrated Wireless LAN Controller con software v4.2.173.0, permite a usuarios remotos autenticados obtener privilegios mediante vectores desconocidos, como es demostrado por la escalada de privilegios desde los niveles (1) Lobby Admin y (2) Local Management User.\"}]",
      "id": "CVE-2009-0062",
      "lastModified": "2024-11-21T00:58:58.470",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-02-05T00:30:00.327",
      "references": "[{\"url\": \"http://secunia.com/advisories/33749\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/33608\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id?1021678\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://secunia.com/advisories/33749\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/33608\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1021678\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-0062\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2009-02-05T00:30:00.327\",\"lastModified\":\"2024-11-21T00:58:58.470\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), y Cisco Catalyst 3750 Integrated Wireless LAN Controller con software v4.2.173.0, permite a usuarios remotos autenticados obtener privilegios mediante vectores desconocidos, como es demostrado por la escalada de privilegios desde los niveles (1) Lobby Admin y (2) Local Management User.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D797EE92-8C85-4C83-A96A-DF1922712742\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2.173.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7116274D-F131-42CC-99DA-F22CC39E4525\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E96B28A-CF63-48C9-8B8E-8BC432A6A5EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2.173.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75E04EA5-F134-4930-97CB-BD68484403FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC1E1F40-ECB6-42FB-838E-998B1893D5CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57C6B8CB-9277-463B-84EB-AEF36EE40E7B\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/33749\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33608\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id?1021678\",\"source\":\"ykramarz@cisco.com\"},{\"url\":\"http://secunia.com/advisories/33749\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/33608\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1021678\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

ghsa-8hv4-wf5q-j3p8

Vulnerability from github

Published

2022-05-02 03:12

Modified

2022-05-02 03:12

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0062"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-02-05T00:30:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.",
  "id": "GHSA-8hv4-wf5q-j3p8",
  "modified": "2022-05-02T03:12:39Z",
  "published": "2022-05-02T03:12:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0062"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/33749"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/33608"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1021678"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2009-0062

Vulnerability from fkie_nvd

Published

2009-02-05 00:30

Modified

2024-11-21 00:58

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://secunia.com/advisories/33749
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml	Vendor Advisory
ykramarz@cisco.com	http://www.securityfocus.com/bid/33608
ykramarz@cisco.com	http://www.securitytracker.com/id?1021678
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33749
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33608
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1021678

Impacted products

Vendor	Product	Version
cisco	catalyst_3750_series_integrated_wireless_lan_controller	4.2
cisco	catalyst_3750_series_integrated_wireless_lan_controller	4.2.173.0
cisco	catalyst_6500_wireless_services_modules	4.2
cisco	catalyst_6500_wireless_services_modules	4.2.173.0
cisco	wireless_lan_controller_software	4.2
cisco	wireless_lan_controller_software	4.2.173.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D797EE92-8C85-4C83-A96A-DF1922712742",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2.173.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7116274D-F131-42CC-99DA-F22CC39E4525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E96B28A-CF63-48C9-8B8E-8BC432A6A5EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2.173.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "75E04EA5-F134-4930-97CB-BD68484403FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC1E1F40-ECB6-42FB-838E-998B1893D5CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C6B8CB-9277-463B-84EB-AEF36EE40E7B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), y Cisco Catalyst 3750 Integrated Wireless LAN Controller con software v4.2.173.0, permite a usuarios remotos autenticados obtener privilegios mediante vectores desconocidos, como es demostrado por la escalada de privilegios desde los niveles (1) Lobby Admin y (2) Local Management User."
    }
  ],
  "id": "CVE-2009-0062",
  "lastModified": "2024-11-21T00:58:58.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-02-05T00:30:00.327",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "url": "http://secunia.com/advisories/33749"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securityfocus.com/bid/33608"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securitytracker.com/id?1021678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33749"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33608"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021678"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2009-0062

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2009-0062

Aliases

CVE-2009-0062

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0062",
    "description": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.",
    "id": "GSD-2009-0062"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0062"
      ],
      "details": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels.",
      "id": "GSD-2009-0062",
      "modified": "2023-12-13T01:19:44.628793Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2009-0062",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
          },
          {
            "name": "33608",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/33608"
          },
          {
            "name": "33749",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/33749"
          },
          {
            "name": "1021678",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1021678"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2.173.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2.173.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-0062"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20090204 Multiple Vulnerabilities in Cisco Wireless LAN Controllers",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6c1dd.shtml"
            },
            {
              "name": "33608",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/33608"
            },
            {
              "name": "1021678",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1021678"
            },
            {
              "name": "33749",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/33749"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:25Z",
      "publishedDate": "2009-02-05T00:30Z"
    }
  }
}

Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels. Multiple Cisco Wireless LAN Controllers are prone to these remote vulnerabilities: - Multiple denial-of-service vulnerabilities - A remote privilege-escalation vulnerability Remote attackers can exploit these issues to gain administrative rights on an affected device or crash the device, denying service to legitimate users.

1) An unspecified error can be exploited to reload the device or to render the web authentication functionality unusable.

2) An error when processing POST requests sent to the web authentication login.html page can be exploited to trigger a device reload.

The vulnerabilities affect Wireless LAN Controller software versions 4.1 and later on all platforms.

3) An error related to the TSEC driver can be exploited to render a device unresponsive via specially crafted IP packets.

4) An unspecified error can be exploited by unprivileged users to gain full administrative rights to an affected system.

This vulnerability affects Wireless LAN Controller software version 4.2.173.0.

SOLUTION: Update to a fixed version. Please see vendor advisory for a patch matrix.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20090204-wlc.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200902-0481",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "catalyst 6500 wireless services modules",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.173.0"
      },
      {
        "model": "catalyst 3750 series integrated wireless lan controller",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.173.0"
      },
      {
        "model": "wireless lan controller software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "catalyst 3750 series integrated wireless lan controller",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.173.0"
      },
      {
        "model": "catalyst 6500 wireless services modules",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.2.173.0 i"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.2.173.0"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "wireless lan control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "wireless lan control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "wireless lan control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.173.0"
      },
      {
        "model": "wireless lan control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "wireless lan control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "catalyst series wireless services module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "76000"
      },
      {
        "model": "catalyst series wireless services module",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "65000"
      },
      {
        "model": "catalyst series integrated wireless lan cont",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "37500"
      },
      {
        "model": "wireless lan controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "44000"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "33608"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:wireless_lan_controller_software:4.2.173.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2.173.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_3750_series_integrated_wireless_lan_controller:4.2.173.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500_wireless_services_modules:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Security bulletin",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2009-0062",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "Single",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2009-0062",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-37508",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2009-0062",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200902-101",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-37508",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels. Multiple Cisco Wireless LAN Controllers are prone to these remote vulnerabilities:\n- Multiple denial-of-service vulnerabilities\n- A remote privilege-escalation vulnerability\nRemote attackers can exploit these issues to gain administrative rights on an affected device or crash the device, denying service to legitimate users. \n\n1) An unspecified error can be exploited to reload the device or to\nrender the web authentication functionality unusable. \n\n2) An error when processing POST requests sent to the web\nauthentication login.html page can be exploited to trigger a device\nreload. \n\nThe vulnerabilities affect Wireless LAN Controller software versions\n4.1 and later on all platforms. \n\n3) An error related to the TSEC driver can be exploited to render a\ndevice unresponsive via specially crafted IP packets. \n\n4) An unspecified error can be exploited by unprivileged users to\ngain full administrative rights to an affected system. \n\nThis vulnerability affects Wireless LAN Controller software version\n4.2.173.0. \n\nSOLUTION:\nUpdate to a fixed version. Please see vendor advisory for a patch\nmatrix. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20090204-wlc.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "db": "BID",
        "id": "33608"
      },
      {
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "db": "PACKETSTORM",
        "id": "74722"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2009-0062",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "33608",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "33749",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1021678",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345",
        "trust": 0.8
      },
      {
        "db": "CISCO",
        "id": "20090204 MULTIPLE VULNERABILITIES IN CISCO WIRELESS LAN CONTROLLERS",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-37508",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "74722",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "db": "BID",
        "id": "33608"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "db": "PACKETSTORM",
        "id": "74722"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ]
  },
  "id": "VAR-200902-0481",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37508"
      }
    ],
    "trust": 0.7145029
  },
  "last_update_date": "2023-12-18T12:39:20.786000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20090204-wlc",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080a6c1dd.shtml"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/33608"
      },
      {
        "trust": 1.7,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080a6c1dd.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1021678"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/33749"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0062"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0062"
      },
      {
        "trust": 0.4,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090204-wlc.shtml"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/ps6307/index.html"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/500659"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/6036/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/13964/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/6035/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/13963/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/33749/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/product/13965/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "db": "BID",
        "id": "33608"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "db": "PACKETSTORM",
        "id": "74722"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "db": "BID",
        "id": "33608"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "db": "PACKETSTORM",
        "id": "74722"
      },
      {
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-02-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "date": "2009-02-04T00:00:00",
        "db": "BID",
        "id": "33608"
      },
      {
        "date": "2009-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "date": "2009-02-05T17:26:14",
        "db": "PACKETSTORM",
        "id": "74722"
      },
      {
        "date": "2009-02-05T00:30:00.327000",
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "date": "2009-02-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-30T00:00:00",
        "db": "VULHUB",
        "id": "VHN-37508"
      },
      {
        "date": "2009-03-11T22:06:00",
        "db": "BID",
        "id": "33608"
      },
      {
        "date": "2009-06-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      },
      {
        "date": "2018-10-30T16:25:59.187000",
        "db": "NVD",
        "id": "CVE-2009-0062"
      },
      {
        "date": "2009-03-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural Cisco Wireless  LAN Elevation of privilege vulnerability in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-001345"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200902-101"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2009-0062

Vulnerability from cvelistv5

ghsa-8hv4-wf5q-j3p8

Vulnerability from github

cve-2009-0062

Vulnerability from fkie_nvd

gsd-2009-0062

Vulnerability from gsd

var-200902-0481

Vulnerability from variot

Tags

Sightings

Nomenclature