CVE-2009-2863

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.0 through 12.4

Description A race condition in the Firewall Authentication Proxy feature allows remote attackers to bypass authentication or the consent web page via a crafted request. This issue affects Cisco IOS Software configured with Authentication Proxy for HTTP(S), Web Authentication, or the consent feature, potentially allowing an unauthenticated session to bypass the authentication proxy server or consent webpage.

Recommendations For Cisco IOS versions 12.0 through 12.4, update to a version that addresses this vulnerability, as Cisco has released software updates that fix this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability, but it is known that Cisco has released updates.