CVE-2009-3457 - OpenCVE

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Ace Web Application Firewall Ace Xml Gateway

Configuration 1 [-]

OR	cpe:2.3:h:cisco:ace_web_application_firewall::::::::
	cpe:2.3:h:cisco:ace_web_application_firewall:6.0\(0\):::::::*
	cpe:2.3:h:cisco:ace_web_application_firewall:6.0\(1\):::::::*
	cpe:2.3:h:cisco:ace_web_application_firewall:6.0\(2\):::::::*
	cpe:2.3:h:cisco:ace_xml_gateway::::::::
	cpe:2.3:h:cisco:ace_xml_gateway:6.0\(0\):::::::*
	cpe:2.3:h:cisco:ace_xml_gateway:6.0\(1\):::::::*
	cpe:2.3:h:cisco:ace_xml_gateway:6.0\(2\):::::::*

No data.

References

Link	Providers
http://seclists.org/fulldisclosure/2009/Sep/0369.html
http://secunia.com/advisories/36879
http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt
http://www.cisco.com/en/US/products/products_security_response09186a0080af8965.html
http://www.securityfocus.com/archive/1/506716/100/0/threaded
http://www.securityfocus.com/bid/36522
http://www.securitytracker.com/id?1022949
http://www.vupen.com/english/advisories/2009/2778
https://exchange.xforce.ibmcloud.com/vulnerabilities/53482

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-09-29T17:00:00

Updated: 2024-08-07T06:31:10.539Z

Reserved: 2009-09-29T00:00:00

Link: CVE-2009-3457

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-09-29T18:00:00.407

Modified: 2018-10-10T19:43:34.033

Link: CVE-2009-3457

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-09-24T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt"}, {"name": "20090925 Unmatched Request Discloses Client Internal IP Address", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080af8965.html"}, {"name": "20090924 Cisco ACE XML Gateway <= 6.0 Internal IP disclosure", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2009/Sep/0369.html"}, {"name": "ADV-2009-2778", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/2778"}, {"name": "cisco-ace-ipaddress-info-disclosure(53482)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53482"}, {"name": "20090925 Cisco ACE XML Gateway <= 6.0 Internal IP disclosure", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/506716/100/0/threaded"}, {"name": "36522", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/36522"}, {"name": "36879", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/36879"}, {"name": "1022949", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022949"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-3457", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt", "refsource": "MISC", "url": "http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt"}, {"name": "20090925 Unmatched Request Discloses Client Internal IP Address", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080af8965.html"}, {"name": "20090924 Cisco ACE XML Gateway <= 6.0 Internal IP disclosure", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2009/Sep/0369.html"}, {"name": "ADV-2009-2778", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/2778"}, {"name": "cisco-ace-ipaddress-info-disclosure(53482)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53482"}, {"name": "20090925 Cisco ACE XML Gateway <= 6.0 Internal IP disclosure", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/506716/100/0/threaded"}, {"name": "36522", "refsource": "BID", "url": "http://www.securityfocus.com/bid/36522"}, {"name": "36879", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/36879"}, {"name": "1022949", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022949"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T06:31:10.539Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt"}, {"name": "20090925 Unmatched Request Discloses Client Internal IP Address", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080af8965.html"}, {"name": "20090924 Cisco ACE XML Gateway <= 6.0 Internal IP disclosure", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2009/Sep/0369.html"}, {"name": "ADV-2009-2778", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/2778"}, {"name": "cisco-ace-ipaddress-info-disclosure(53482)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53482"}, {"name": "20090925 Cisco ACE XML Gateway <= 6.0 Internal IP disclosure", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/506716/100/0/threaded"}, {"name": "36522", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/36522"}, {"name": "36879", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/36879"}, {"name": "1022949", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1022949"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-3457", "datePublished": "2009-09-29T17:00:00", "dateReserved": "2009-09-29T00:00:00", "dateUpdated": "2024-08-07T06:31:10.539Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ace_web_application_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "EE6B32BA-DF80-4CDD-8524-7E9D12B1B761", "versionEndIncluding": "6.0\\(3\\)", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_web_application_firewall:6.0\\(0\\):*:*:*:*:*:*:*", "matchCriteriaId": "2069D4D3-526D-4D95-8C6B-0B290B27F9D9", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_web_application_firewall:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "80E02AA7-7DFC-4F62-AD97-CFBE693FDC79", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_web_application_firewall:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "BE209A78-EF5A-4C61-82A6-451B950E7490", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B805751-8CA7-4F46-BD06-1679DC8F8259", "versionEndIncluding": "6.0\\(3\\)", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:6.0\\(0\\):*:*:*:*:*:*:*", "matchCriteriaId": "8886926F-25CE-42CA-A949-DA50558F9A3B", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CDA26824-6F54-403C-ACD6-2115C93BC1AC", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:ace_xml_gateway:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3554A382-474E-4C76-89FB-359151959159", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159."}, {"lang": "es", "value": "Cisco ACE XML Gateway (AXG) y ACE Web Application Firewall (WAF), anterior a v6.1, permite a atacantes remotos obtener informaci\u00f3n sensible mediante una petici\u00f3n HTTP que carece de manejador. Como ha sido demostrado por (1) una petici\u00f3n OPTIONS o (2) una petici\u00f3n GET manipulada, que dan lugar a mensajes de error del tipo Message-handling Errors y que contienen la direcci\u00f3n IP de determinados clientes de la intranet. Tambi\u00e9n conocido como Bug ID CSCtb82159."}], "id": "CVE-2009-3457", "lastModified": "2018-10-10T19:43:34.033", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-09-29T18:00:00.407", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Patch"], "url": "http://seclists.org/fulldisclosure/2009/Sep/0369.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/36879"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.brainoverflow.org/advisories/cisco_ace_xml_gw_ip_disclosure.txt"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080af8965.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/506716/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/36522"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1022949"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/2778"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53482"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}