OpenCVE

Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:P/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Application Networking Manager

Configuration 1 [-]

OR	cpe:2.3:a:cisco:application_networking_manager::::::::
	cpe:2.3:a:cisco:application_networking_manager:1.1:::::::*
	cpe:2.3:a:cisco:application_networking_manager:1.2:::::::*

No data.

References

Link	Providers
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml
http://www.securityfocus.com/bid/33903
http://www.securitytracker.com/id?1021772

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2009-02-26T16:00:00Z

Updated: 2024-09-17T00:30:35.369Z

Reserved: 2009-02-18T00:00:00Z

Link: CVE-2009-0618

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-02-26T16:17:20.093

Modified: 2024-11-21T01:00:31.927

Link: CVE-2009-0618

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-02-26T16:00:00Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1021772", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021772"}, {"name": "33903", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33903"}, {"name": "20090225 Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-0618", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1021772", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021772"}, {"name": "33903", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33903"}, {"name": "20090225 Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:40:05.084Z"}, "title": "CVE Program Container", "references": [{"name": "1021772", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021772"}, {"name": "33903", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33903"}, {"name": "20090225 Cisco ACE Application Control Engine Device Manager and Application Networking Manager Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-0618", "datePublished": "2009-02-26T16:00:00Z", "dateReserved": "2009-02-18T00:00:00Z", "dateUpdated": "2024-09-17T00:30:35.369Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:application_networking_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "35411333-C72A-47B8-8109-5BA29795C1CC", "versionEndIncluding": "2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:application_networking_manager:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E427057-56BC-4E7C-8DBA-0388A6C81C87", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:application_networking_manager:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "888608EE-2818-4F72-8690-E8595B320872", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el agente Java de Cisco Application Networking Manager (ANM) anterior a 2.0 Actualizaci\u00f3n A, permite a atacantes remotos obtener privilegios y provocar una denegaci\u00f3n de servicio -parada del servicio- deteniendo procesos, u obteniendo informaci\u00f3n sensible leyendo los ficheros de configuraci\u00f3n."}], "id": "CVE-2009-0618", "lastModified": "2024-11-21T01:00:31.927", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 7.8, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-02-26T16:17:20.093", "references": [{"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/33903"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1021772"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc84.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/33903"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021772"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}