CVE-2009-2863 — Vulnetix

CVE-2009-2863 PUBLISHED CVSS 7.099999904632568 HIGH

Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.

EPSS 0.41% · 61.4th percentile

Risk Scores

CVSS 2.0

7.099999904632568

EPSS Score

0.41%

61.4th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
cisco	ios	12.0xk, 12.0xr, 12.1e

Exploit Intelligence

36491 (circl)
1022935 (circl)
ciscoios-authenticationproxy-sec-bypass(53453) (circl)
http://tools.cisco.com/security/center/viewAlert.x?alertId=18882 (circl)
58340 (circl)
20090923 Cisco IOS Software Authentication Proxy Vulnerability (circl)

Timeline

Sep 23, 2009 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score
May 25, 2023 EPSS Score

References

36491 vdb
1022935 vdb
ciscoios-authenticationproxy-sec-bypass(53453) vdb
http://tools.cisco.com/security/center/viewAlert.x?alertId=18882 url
58340 vdb
20090923 Cisco IOS Software Authentication Proxy Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2009-2863 advisory

Open in Interactive Console →