CVE-2009-1160

EUVD-2009-1160
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
ciscoadaptive_security_appliance_5500
7.0
ciscoadaptive_security_appliance_5500
7.1
ciscoadaptive_security_appliance_5500
7.2
ciscoadaptive_security_appliance_5500
8.0
ciscoadaptive_security_appliance_5500
8.1
ciscopix
7.0
ciscopix
7.1
ciscopix
7.2
ciscopix
8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/34607
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml
http://www.securityfocus.com/bid/34429
http://www.securitytracker.com/id?1022017
http://www.vupen.com/english/advisories/2009/0981
http://secunia.com/advisories/34607
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml
http://www.securityfocus.com/bid/34429
http://www.securitytracker.com/id?1022017
http://www.vupen.com/english/advisories/2009/0981