Executive Summary

Informations
Name CVE-2009-2631 First vendor Publication 2009-12-04
Vendor Cve Last vendor Modification 2018-10-10

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2631

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1

Open Source Vulnerability Database (OSVDB)

Id Description
61195 Stonegate Clientless SSL VPN URL Rewriting Cross Domain Same Origin Policy By...
61194 Nortel Clientless SSL VPN URL Rewriting Cross Domain Same Origin Policy Bypass
61193 Juniper Clientless SSL VPN URL Rewriting Cross Domain Same Origin Policy Bypass
61192 Citrix Clientless SSL VPN URL Rewriting Cross Domain Same Origin Policy Bypass
61191 Cisco ASA Clientless SSL VPN URL Rewriting Cross Domain Same Origin Policy By...
61190 SonicWALL Clientless SSL VPN URL Rewriting Cross Domain Same Origin Policy By...

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/37152
BUGTRAQ http://www.securityfocus.com/archive/1/508164/100/0/threaded
CERT-VN http://www.kb.cert.org/vuls/id/261869
CONFIRM http://kb.juniper.net/KB15799
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=984744
http://www.sonicwall.com/us/2123_14882.html
http://www.sonicwall.com/us/2123_14883.html
http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html
http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/50/025367-01.pdf
FULLDISC http://seclists.org/fulldisclosure/2006/Jun/238
http://seclists.org/fulldisclosure/2006/Jun/269
http://seclists.org/fulldisclosure/2006/Jun/270
SECTRACK http://securitytracker.com/id?1023255
SECUNIA http://secunia.com/advisories/37696
http://secunia.com/advisories/37786
http://secunia.com/advisories/37788
http://secunia.com/advisories/37789
VUPEN http://www.vupen.com/english/advisories/2009/3567
http://www.vupen.com/english/advisories/2009/3568
http://www.vupen.com/english/advisories/2009/3569
http://www.vupen.com/english/advisories/2009/3570
http://www.vupen.com/english/advisories/2009/3571
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/54523

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2021-05-04 12:09:52
  • Multiple Updates
2021-04-22 01:10:13
  • Multiple Updates
2020-05-23 00:24:05
  • Multiple Updates
2018-10-11 00:19:39
  • Multiple Updates
2017-08-17 09:22:39
  • Multiple Updates
2016-04-26 19:00:14
  • Multiple Updates
2013-05-10 23:54:40
  • Multiple Updates