CVE-2009-0623 - Vulnerability Details

Vendors	Products
Cisco	Ace 4710 Application Control Engine Module Catalyst

Link	Providers
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml
http://www.securityfocus.com/bid/33900

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-02-26T16:00:00Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"}, {"name": "33900", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33900"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-0623", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"}, {"name": "33900", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33900"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:40:05.126Z"}, "title": "CVE Program Container", "references": [{"name": "20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"}, {"name": "33900", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33900"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-0623", "datePublished": "2009-02-26T16:00:00Z", "dateReserved": "2009-02-18T00:00:00Z", "dateUpdated": "2024-09-16T23:46:36.574Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2009-02-26T16:00:00Z (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml (string)

}

1 : { »

name : 33900 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/33900 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2009-0623 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine (string)

refsource : CISCO (string)

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml (string)

}

1 : { »

name : 33900 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/33900 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T04:40:05.126Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20090225 Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml (string)

}

1 : { »

name : 33900 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/33900 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2009-0623 (string)

datePublished : 2009-02-26T16:00:00Z (string)

dateReserved : 2009-02-18T00:00:00Z (string)

dateUpdated : 2024-09-16T23:46:36.574Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE398278-79E8-4043-9ED3-735775213587", "versionEndIncluding": "a3\\(2.0\\)", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_4710:a3\\(1.0\\):*:*:*:*:*:*:*", "matchCriteriaId": "8F3BDA08-1786-46AD-93B3-C374BE1AC949", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:application_control_engine_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "19E93539-6D77-4D1E-BF77-C35EE2170D4B", "versionEndIncluding": "a2\\(1.2\\)", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:application_control_engine_module:a2\\(1.1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C5EDC4AB-2D1B-4233-A260-9D5521057F09", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:catalyst:6500:*:*:*:*:*:*:*", "matchCriteriaId": "712DA93A-13CE-4E27-84FC-D2ECEEFFD568", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:catalyst:7600:*:*:*:*:*:*:*", "matchCriteriaId": "521A4FD3-18E3-4937-A6AD-F7BDB3DB08ED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet."}, {"lang": "es", "value": "Vulnerabilidad no especificada en \"Cisco ACE Application Control Engine Module\" para Catalyst 6500 Switches y 7600 Routers anteriores A2(1.3) y Cisco ACE 4710 Application Control Engine Appliance anteriores a A3(2.1) que permite a los atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de un paquete SSH manipulado."}], "id": "CVE-2009-0623", "lastModified": "2024-11-21T01:00:32.720", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-02-26T16:17:20.170", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/33900"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/33900"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:ace_4710:*:*:*:*:*:*:*:* (string)

matchCriteriaId : EE398278-79E8-4043-9ED3-735775213587 (string)

versionEndIncluding : a3\(2.0\) (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:h:cisco:ace_4710:a3\(1.0\):*:*:*:*:*:*:* (string)

matchCriteriaId : 8F3BDA08-1786-46AD-93B3-C374BE1AC949 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:h:cisco:application_control_engine_module:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 19E93539-6D77-4D1E-BF77-C35EE2170D4B (string)

versionEndIncluding : a2\(1.2\) (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:h:cisco:application_control_engine_module:a2\(1.1\):*:*:*:*:*:*:* (string)

matchCriteriaId : C5EDC4AB-2D1B-4233-A260-9D5521057F09 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:catalyst:6500:*:*:*:*:*:*:* (string)

matchCriteriaId : 712DA93A-13CE-4E27-84FC-D2ECEEFFD568 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

2 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:catalyst:7600:*:*:*:*:*:*:* (string)

matchCriteriaId : 521A4FD3-18E3-4937-A6AD-F7BDB3DB08ED (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. (string)

}

1 : { »

lang : es (string)

value : Vulnerabilidad no especificada en "Cisco ACE Application Control Engine Module" para Catalyst 6500 Switches y 7600 Routers anteriores A2(1.3) y Cisco ACE 4710 Application Control Engine Appliance anteriores a A3(2.1) que permite a los atacantes remotos causar una denegación de servicio (reinicio del dispositivo) a través de un paquete SSH manipulado. (string)

}

]

id : CVE-2009-0623 (string)

lastModified : 2024-11-21T01:00:32.720 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.8 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2009-02-26T16:17:20.170 (string)

references : [ »

0 : { »

source : ykramarz@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml (string)

}

1 : { »

source : ykramarz@cisco.com (string)

url : http://www.securityfocus.com/bid/33900 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/33900 (string)

}

]

sourceIdentifier : ykramarz@cisco.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object