CVE-2009-1160 - OpenCVE

Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Adaptive Security Appliance 5500 Pix

Configuration 1 [-]

OR	cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.0:::::::*
	cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:::::::*
	cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:::::::*
	cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:::::::*
	cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:::::::*
	cpe:2.3:h:cisco:pix:7.0:::::::*
	cpe:2.3:h:cisco:pix:7.1:::::::*
	cpe:2.3:h:cisco:pix:7.2:::::::*
	cpe:2.3:h:cisco:pix:8.0:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/34607
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml
http://www.securityfocus.com/bid/34429
http://www.securitytracker.com/id?1022017
http://www.vupen.com/english/advisories/2009/0981

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2009-04-09T15:00:00

Updated: 2024-08-07T05:04:48.999Z

Reserved: 2009-03-26T00:00:00

Link: CVE-2009-1160

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-04-09T15:08:35.797

Modified: 2009-04-28T05:39:14.750

Link: CVE-2009-1160

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-08T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-04-16T09:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "ADV-2009-0981", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0981"}, {"name": "34429", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34429"}, {"name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"}, {"name": "34607", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34607"}, {"name": "1022017", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022017"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-1160", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2009-0981", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0981"}, {"name": "34429", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34429"}, {"name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"}, {"name": "34607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34607"}, {"name": "1022017", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022017"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:04:48.999Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2009-0981", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0981"}, {"name": "34429", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34429"}, {"name": "20090408 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"}, {"name": "34607", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34607"}, {"name": "1022017", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1022017"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-1160", "datePublished": "2009-04-09T15:00:00", "dateReserved": "2009-03-26T00:00:00", "dateUpdated": "2024-08-07T05:04:48.999Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "235C2CE5-C858-4037-AE35-E6D506301894", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "76EAF7E0-6C0A-4B62-8776-CDE7CEB4565A", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "508DECFB-F334-409F-911B-BF8D842D3556", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277."}, {"lang": "es", "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances v7.0 anteriores a v7.0(8)1, v7.1 anteriores a v7.1(2)74, v7.2 anteriores a v7.2(4)9, and v8.0 anteriores a v8.0(4)5 no implementan de forma adecuada la denegaci\u00f3n impl\u00edcita, lo que podr\u00eda permitir a atacantes remotos enviar paquetes que sobrepasen las restricciones de acceso impuestas, tambi\u00e9n conocido como Bug ID CSCsq91277."}], "id": "CVE-2009-1160", "lastModified": "2009-04-28T05:39:14.750", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-09T15:08:35.797", "references": [{"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/34607"}, {"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/34429"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1022017"}, {"source": "ykramarz@cisco.com", "url": "http://www.vupen.com/english/advisories/2009/0981"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}