Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2009-1160 | First vendor Publication | 2009-04-09 |
| Vendor | Cve | Last vendor Modification | 2009-04-28 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1160 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-264 | Permissions, Privileges, and Access Controls |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 53447 | Cisco PIX / ASA Implicit Deny ACE Unspecified ACL Bypass PIX and ASA contain a flaw that may allow traffic to bypass the implicit deny statement of an ACL. It is possible that the flaw may allow unauthorized network traffic resulting in a loss of integrity. |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:09:21 |
|
| 2021-04-22 01:09:42 |
|
| 2020-05-23 00:23:34 |
|
| 2016-04-26 18:44:10 |
|
| 2013-05-10 23:47:53 |
|
