Sign-up

ID

VAR-200902-0539


CVE

CVE-2009-0623


TITLE

Catalyst 6500 Switch and 7600 For router Cisco ACE Application Control Engine Modules and Cisco ACE 4710 Application Control Engine Appliance Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2009-001381

DESCRIPTION

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. Other attacks are also possible. Remote authentication users can cause denial of service by constructing SSH packets

Trust: 1.98

sources: NVD: CVE-2009-0623 // JVNDB: JVNDB-2009-001381 // BID: 33900 // VULHUB: VHN-38069

AFFECTED PRODUCTS

vendor:ciscomodel:application control engine modulescope:eqversion:a2\(1.1\)

Trust: 1.6

vendor:ciscomodel:ace 4710scope:eqversion:a3\(1.0\)

Trust: 1.6

vendor:ciscomodel:application control engine modulescope:lteversion:a2\(1.2\)

Trust: 1.0

vendor:ciscomodel:ace 4710scope:lteversion:a3\(2.0\)

Trust: 1.0

vendor:ciscomodel:ace module a2scope:neversion: -

Trust: 0.9

vendor:ciscomodel:ace 4710scope:ltversion:a2(1.3)

Trust: 0.8

vendor:ciscomodel:ace application control engine modulescope:ltversion:a3(2.1)

Trust: 0.8

vendor:ciscomodel:ace appliance a1scope:neversion:4710

Trust: 0.6

vendor:ciscomodel:application control engine modulescope:eqversion:a2\(1.2\)

Trust: 0.6

vendor:ciscomodel:ace 4710scope:eqversion:a3\(2.0\)

Trust: 0.6

vendor:ciscomodel:application control engine modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ace modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ace appliancescope:eqversion:47100

Trust: 0.3

vendor:ciscomodel:ace appliance a3scope:neversion:4710

Trust: 0.3

sources: BID: 33900 // JVNDB: JVNDB-2009-001381 // CNNVD: CNNVD-200902-614 // NVD: CVE-2009-0623

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2009-0623
value: HIGH

Trust: 1.0

NVD: CVE-2009-0623
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200902-614
value: HIGH

Trust: 0.6

VULHUB: VHN-38069
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2009-0623
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-38069
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-38069 // JVNDB: JVNDB-2009-001381 // CNNVD: CNNVD-200902-614 // NVD: CVE-2009-0623

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-94

Trust: 0.8

sources: JVNDB: JVNDB-2009-001381 // NVD: CVE-2009-0623

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200902-614

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200902-614

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2009-001381

PATCH
title:cisco-sa-20090225-aceurl:http://www.cisco.com/warp/public/707/cisco-sa-20090225-ace.shtml
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-001381

EXTERNAL IDS
db:NVDid:CVE-2009-0623
Trust: 2.8
db:BIDid:33900
Trust: 2.0
db:JVNDBid:JVNDB-2009-001381
Trust: 0.8
db:CISCOid:20090225 MULTIPLE VULNERABILITIES IN THE CISCO ACE APPLICATION CONTROL ENGINE MODULE AND CISCO ACE 4710 APPLICATION CONTROL ENGINE
Trust: 0.6
db:CNNVDid:CNNVD-200902-614
Trust: 0.6
db:VULHUBid:VHN-38069
Trust: 0.1
sources:
            
            
            VULHUB: VHN-38069 // 
            
            
            
            BID: 33900 // 
            
            
            
            JVNDB: JVNDB-2009-001381 // 
            
            
            
            CNNVD: CNNVD-200902-614 // 
            
            
            
            NVD: CVE-2009-0623

REFERENCES
url:http://www.cisco.com/en/us/products/products_security_advisory09186a0080a7bc82.shtml
Trust: 2.0
url:http://www.securityfocus.com/bid/33900
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0623
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0623
Trust: 0.8
url:http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a0080a7bd0a.ht
Trust: 0.3
url:http://www.cisco.com
Trust: 0.3
url:/archive/1/501237
Trust: 0.3
sources:
            
            
            VULHUB: VHN-38069 // 
            
            
            
            BID: 33900 // 
            
            
            
            JVNDB: JVNDB-2009-001381 // 
            
            
            
            CNNVD: CNNVD-200902-614 // 
            
            
            
            NVD: CVE-2009-0623

CREDITS
Cisco Security bulletin
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200902-614

SOURCES
db:VULHUBid:VHN-38069
db:BIDid:33900
db:JVNDBid:JVNDB-2009-001381
db:CNNVDid:CNNVD-200902-614
db:NVDid:CVE-2009-0623

LAST UPDATE DATE
2024-11-23T21:56:40.361000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-38069date:2009-06-19T00:00:00
db:BIDid:33900date:2009-03-09T22:26:00
db:JVNDBid:JVNDB-2009-001381date:2009-06-30T00:00:00
db:CNNVDid:CNNVD-200902-614date:2009-06-19T00:00:00
db:NVDid:CVE-2009-0623date:2024-11-21T01:00:32.720

SOURCES RELEASE DATE
db:VULHUBid:VHN-38069date:2009-02-26T00:00:00
db:BIDid:33900date:2009-02-25T00:00:00
db:JVNDBid:JVNDB-2009-001381date:2009-06-30T00:00:00
db:CNNVDid:CNNVD-200902-614date:2009-02-26T00:00:00
db:NVDid:CVE-2009-0623date:2009-02-26T16:17:20.170