VAR-200902-0540
Vulnerability from variot - Updated: 2023-12-18 12:11Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet. Other attacks are also possible. Remote authentication users can cause denial of service by constructing SNMPv1 packets
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200902-0540",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ace 4710",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "a1\\(2.0\\)"
},
{
"model": "ace 4710",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "a1\\(8.0\\)"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ace 4710",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "a3\\(1.0\\)"
},
{
"model": "application control engine module",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "ace 4710",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "a3\\(2.0\\)"
},
{
"model": "ace module a2",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ace 4710",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "a2(1.3)"
},
{
"model": "ace application control engine module",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "a3(2.1)"
},
{
"model": "ace appliance a1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "4710"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.2"
},
{
"model": "ace 4710",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "a3\\(2.0\\)"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "ace appliance a3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4710"
}
],
"sources": [
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:application_control_engine_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:application_control_engine_module:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:application_control_engine_module:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "a3\\(2.0\\)",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_4710:a3\\(1.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_4710:a1\\(8.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_4710:a1\\(2.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0624"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
],
"trust": 0.6
},
"cve": "CVE-2009-0624",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-0624",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-38070",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-0624",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200902-615",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-38070",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38070"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet. Other attacks are also possible. Remote authentication users can cause denial of service by constructing SNMPv1 packets",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "VULHUB",
"id": "VHN-38070"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0624",
"trust": 2.8
},
{
"db": "BID",
"id": "33900",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1021769",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001380",
"trust": 0.8
},
{
"db": "CISCO",
"id": "20090225 MULTIPLE VULNERABILITIES IN THE CISCO ACE APPLICATION CONTROL ENGINE MODULE AND CISCO ACE 4710 APPLICATION CONTROL ENGINE",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200902-615",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-38070",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38070"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
]
},
"id": "VAR-200902-0540",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-38070"
}
],
"trust": 0.64072501
},
"last_update_date": "2023-12-18T12:11:45.997000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20090225-ace",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20090225-ace.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"db": "NVD",
"id": "CVE-2009-0624"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080a7bc82.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/33900"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1021769"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0624"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0624"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a0080a7bd0a.ht"
},
{
"trust": 0.3,
"url": "http://www.cisco.com"
},
{
"trust": 0.3,
"url": "/archive/1/501237"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38070"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-38070"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-26T00:00:00",
"db": "VULHUB",
"id": "VHN-38070"
},
{
"date": "2009-02-25T00:00:00",
"db": "BID",
"id": "33900"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"date": "2009-02-26T16:17:20.187000",
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"date": "2009-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-38070"
},
{
"date": "2009-03-09T22:26:00",
"db": "BID",
"id": "33900"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001380"
},
{
"date": "2009-03-03T07:04:50.127000",
"db": "NVD",
"id": "CVE-2009-0624"
},
{
"date": "2009-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Catalyst 6500 Switch and 7600 For router Cisco ACE Application Control Engine Modules and Cisco ACE 4710 Application Control Engine Appliance of SNMPv2c Service disruption in implementations (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001380"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-615"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…