CVE-2009-2863 : Detail

CVE-2009-2863

Authorization problems
A07-Identif. and Authent. Fail
0.31%V3
Network
2009-09-28
16h20 +00:00
2017-08-16
12h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Metrics

Metrics Score Severity CVSS Vector Source
V2 7.1 AV:N/AC:M/Au:N/C:C/I:N/A:N nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Cisco>>Ios >> Version 12.0xk

Cisco>>Ios >> Version 12.0xr

Cisco>>Ios >> Version 12.1

Cisco>>Ios >> Version 12.1e

Cisco>>Ios >> Version 12.1ex

Cisco>>Ios >> Version 12.1t

Cisco>>Ios >> Version 12.1xc

Cisco>>Ios >> Version 12.1xh

Cisco>>Ios >> Version 12.1xi

Cisco>>Ios >> Version 12.1xj

Cisco>>Ios >> Version 12.1xm

Cisco>>Ios >> Version 12.1xp

Cisco>>Ios >> Version 12.1xr

Cisco>>Ios >> Version 12.1yb

Cisco>>Ios >> Version 12.1yd

Cisco>>Ios >> Version 12.1yf

Cisco>>Ios >> Version 12.1yi

Cisco>>Ios >> Version 12.2

Cisco>>Ios >> Version 12.2b

Cisco>>Ios >> Version 12.2bw

Cisco>>Ios >> Version 12.2cz

Cisco>>Ios >> Version 12.2dd

Cisco>>Ios >> Version 12.2ex

Cisco>>Ios >> Version 12.2ey

Cisco>>Ios >> Version 12.2fz

Cisco>>Ios >> Version 12.2ira

Cisco>>Ios >> Version 12.2irb

Cisco>>Ios >> Version 12.2irc

Cisco>>Ios >> Version 12.2ixa

Cisco>>Ios >> Version 12.2ixb

Cisco>>Ios >> Version 12.2ixc

Cisco>>Ios >> Version 12.2ixd

Cisco>>Ios >> Version 12.2ixe

Cisco>>Ios >> Version 12.2ixf

Cisco>>Ios >> Version 12.2ixg

Cisco>>Ios >> Version 12.2s

Cisco>>Ios >> Version 12.2sbc

Cisco>>Ios >> Version 12.2se

Cisco>>Ios >> Version 12.2sec

Cisco>>Ios >> Version 12.2sed

Cisco>>Ios >> Version 12.2see

Cisco>>Ios >> Version 12.2sef

Cisco>>Ios >> Version 12.2seg

Cisco>>Ios >> Version 12.2sg

Cisco>>Ios >> Version 12.2sga

Cisco>>Ios >> Version 12.2sq

Cisco>>Ios >> Version 12.2sra

Cisco>>Ios >> Version 12.2srb

Cisco>>Ios >> Version 12.2src

Cisco>>Ios >> Version 12.2su

Cisco>>Ios >> Version 12.2sx

Cisco>>Ios >> Version 12.2sxa

Cisco>>Ios >> Version 12.2sxb

Cisco>>Ios >> Version 12.2sxd

Cisco>>Ios >> Version 12.2sxe

Cisco>>Ios >> Version 12.2sxf

Cisco>>Ios >> Version 12.2sxh

Cisco>>Ios >> Version 12.2sxi

Cisco>>Ios >> Version 12.2t

Cisco>>Ios >> Version 12.2tpc

Cisco>>Ios >> Version 12.2xa

Cisco>>Ios >> Version 12.2xb

Cisco>>Ios >> Version 12.2xd

Cisco>>Ios >> Version 12.2xe

Cisco>>Ios >> Version 12.2xg

Cisco>>Ios >> Version 12.2xj

Cisco>>Ios >> Version 12.2xk

Cisco>>Ios >> Version 12.2xl

Cisco>>Ios >> Version 12.2xm

Cisco>>Ios >> Version 12.2xo

Cisco>>Ios >> Version 12.2xq

Cisco>>Ios >> Version 12.2xt

Cisco>>Ios >> Version 12.2xv

Cisco>>Ios >> Version 12.2xw

Cisco>>Ios >> Version 12.2ya

Cisco>>Ios >> Version 12.2yb

Cisco>>Ios >> Version 12.2yc

Cisco>>Ios >> Version 12.2ye

Cisco>>Ios >> Version 12.2yf

Cisco>>Ios >> Version 12.2yh

Cisco>>Ios >> Version 12.2yl

Cisco>>Ios >> Version 12.2ym

Cisco>>Ios >> Version 12.2yn

Cisco>>Ios >> Version 12.2yq

Cisco>>Ios >> Version 12.2yu

Cisco>>Ios >> Version 12.2yv

Cisco>>Ios >> Version 12.2yx

Cisco>>Ios >> Version 12.2yz

Cisco>>Ios >> Version 12.2zd

Cisco>>Ios >> Version 12.2zh

Cisco>>Ios >> Version 12.2zj

Cisco>>Ios >> Version 12.2zl

Cisco>>Ios >> Version 12.2zy

Cisco>>Ios >> Version 12.2zya

Cisco>>Ios >> Version 12.3

Cisco>>Ios >> Version 12.3b

Cisco>>Ios >> Version 12.3jk

Cisco>>Ios >> Version 12.3t

Cisco>>Ios >> Version 12.3tpc

Cisco>>Ios >> Version 12.3va

Cisco>>Ios >> Version 12.3xa

Cisco>>Ios >> Version 12.3xc

Cisco>>Ios >> Version 12.3xd

Cisco>>Ios >> Version 12.3xe

Cisco>>Ios >> Version 12.3xf

Cisco>>Ios >> Version 12.3xg

Cisco>>Ios >> Version 12.3xk

Cisco>>Ios >> Version 12.3xl

Cisco>>Ios >> Version 12.3xq

Cisco>>Ios >> Version 12.3xr

Cisco>>Ios >> Version 12.3xx

Cisco>>Ios >> Version 12.3ya

Cisco>>Ios >> Version 12.3yd

Cisco>>Ios >> Version 12.3yg

Cisco>>Ios >> Version 12.3yh

Cisco>>Ios >> Version 12.3yi

Cisco>>Ios >> Version 12.3yk

Cisco>>Ios >> Version 12.3ym

Cisco>>Ios >> Version 12.3yt

Cisco>>Ios >> Version 12.3yz

Cisco>>Ios >> Version 12.4

Cisco>>Ios >> Version 12.4mr

Cisco>>Ios >> Version 12.4t

Cisco>>Ios >> Version 12.4xa

Cisco>>Ios >> Version 12.4xd

Cisco>>Ios >> Version 12.4xe

Cisco>>Ios >> Version 12.4xf

Cisco>>Ios >> Version 12.4xj

Cisco>>Ios >> Version 12.4xk

Cisco>>Ios >> Version 12.4xt

Cisco>>Ios >> Version 12.4xv

Cisco>>Ios >> Version 12.4xw

Cisco>>Ios >> Version 12.4xy

Cisco>>Ios >> Version 12.4xz

Cisco>>Ios >> Version 12.4ya

Cisco>>Ios >> Version 12.4yb

References

http://www.securityfocus.com/bid/36491
Tags : vdb-entry, x_refsource_BID
http://www.securitytracker.com/id?1022935
Tags : vdb-entry, x_refsource_SECTRACK
http://osvdb.org/58340
Tags : vdb-entry, x_refsource_OSVDB