PT-2009-5220 · Cisco · Cisco Ios

Published

2009-09-23

Updated

2022-06-02

CVE-2009-2862

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2XNB through 12.2XND Cisco IOS versions 12.4MD through 12.4YA Cisco IOS version 12.4T Cisco IOS version 12.4XZ

Description A vulnerability exists in the Object Groups for Access Control Lists (ACLs) feature of Cisco IOS software, allowing an unauthenticated attacker to bypass access control policies via crafted requests.

Recommendations For Cisco IOS versions 12.2XNB through 12.2XND, update to a fixed version. For Cisco IOS versions 12.4MD through 12.4YA, update to a fixed version. For Cisco IOS version 12.4T, update to a fixed version. For Cisco IOS version 12.4XZ, update to a fixed version. As a temporary workaround, consider disabling the Object Groups for ACLs feature until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-2862

Affected Products

Cisco Ios

PT-2009-5220 · Cisco · Cisco Ios

CVE-2009-2862

Related Identifiers

Affected Products

References · 8