CVE-2009-1160

Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
ciscoadaptive_security_appliance_5500
7.0
ciscoadaptive_security_appliance_5500
7.1
ciscoadaptive_security_appliance_5500
7.2
ciscoadaptive_security_appliance_5500
8.0
ciscoadaptive_security_appliance_5500
8.1
ciscopix
7.0
ciscopix
7.1
ciscopix
7.2
ciscopix
8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/34607
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml
http://www.securityfocus.com/bid/34429
http://www.securitytracker.com/id?1022017
http://www.vupen.com/english/advisories/2009/0981
http://secunia.com/advisories/34607
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml
http://www.securityfocus.com/bid/34429
http://www.securitytracker.com/id?1022017
http://www.vupen.com/english/advisories/2009/0981