CVE-2009-4918

EPSS 0.43%
Published 29.06.2010 18:30:01
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439.

Affected products Warnungen 0 Metrics 2 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Asa 5580 Version <= 8.1\(1\)

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.43%	0.594

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html

Patch

https://nvd.nist.gov/vuln/detail/CVE-2009-4918

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-4918

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-4918

EUVD