VAR-200902-0541
Vulnerability from variot - Updated: 2023-12-18 12:11Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. Other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200902-0541",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ace 4710",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "a1\\(2.0\\)"
},
{
"model": "application control engine module",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "a2\\(1.1\\)"
},
{
"model": "ace module a2",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ace 4710",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "a2(1.2)"
},
{
"model": "ace application control engine module",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "a1(8.0)"
},
{
"model": "ace appliance a1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "4710"
},
{
"model": "ace 4710",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "a1\\(2.0\\)"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "a2\\(1.1\\)"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "ace appliance a3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4710"
}
],
"sources": [
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "a1\\(2.0\\)",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:application_control_engine_module:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "a2\\(1.1\\)",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst:6500:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:catalyst:7600:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0625"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
],
"trust": 0.6
},
"cve": "CVE-2009-0625",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-0625",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-38071",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-0625",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200902-616",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-38071",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38071"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. Other attacks are also possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "VULHUB",
"id": "VHN-38071"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0625",
"trust": 2.8
},
{
"db": "BID",
"id": "33900",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1021769",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379",
"trust": 0.8
},
{
"db": "CISCO",
"id": "20090225 MULTIPLE VULNERABILITIES IN THE CISCO ACE APPLICATION CONTROL ENGINE MODULE AND CISCO ACE 4710 APPLICATION CONTROL ENGINE",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200902-616",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-38071",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38071"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
]
},
"id": "VAR-200902-0541",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-38071"
}
],
"trust": 0.64072501
},
"last_update_date": "2023-12-18T12:11:45.906000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20090225-ace",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20090225-ace.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38071"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"db": "NVD",
"id": "CVE-2009-0625"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080a7bc82.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/33900"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1021769"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0625"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0625"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a0080a7bd0a.ht"
},
{
"trust": 0.3,
"url": "http://www.cisco.com"
},
{
"trust": 0.3,
"url": "/archive/1/501237"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38071"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-38071"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-26T00:00:00",
"db": "VULHUB",
"id": "VHN-38071"
},
{
"date": "2009-02-25T00:00:00",
"db": "BID",
"id": "33900"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"date": "2009-02-26T16:17:20.217000",
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"date": "2009-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-38071"
},
{
"date": "2009-03-09T22:26:00",
"db": "BID",
"id": "33900"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001379"
},
{
"date": "2009-03-03T07:04:50.343000",
"db": "NVD",
"id": "CVE-2009-0625"
},
{
"date": "2009-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Catalyst 6500 Switch and 7600 For router Cisco ACE Application Control Engine Modules and Cisco ACE 4710 Application Control Engine Appliance Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001379"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-616"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…