CVE-2009-0625

EPSS 0.66%
Published 26.02.2009 16:17:20
Last modified 09.04.2025 00:30:58
Source psirt@cisco.com
Teams watchlist Login
Open Login

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet.

Affected products Warnungen 0 Metrics 2 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Ace 4710 Version <= a1\(2.0\)

Cisco ≫ Catalyst Version6500
Cisco ≫ Catalyst Version7600

Cisco ≫ Application Control Engine Module Version <= a2\(1.1\)

Cisco ≫ Catalyst Version6500
Cisco ≫ Catalyst Version7600

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.66%	0.702

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml

Vendor Advisory

http://www.securityfocus.com/bid/33900

http://www.securitytracker.com/id?1021769

https://nvd.nist.gov/vuln/detail/CVE-2009-0625

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-0625

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-0625

EUVD