CVE-2009-2862

EUVD-2009-2852
The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
Affected Products (NVD)
VendorProductVersion
ciscoios
12.2xnb:xnb
ciscoios
12.2xnc:xnc
ciscoios
12.2xnd:xnd
ciscoios
12.4md:md
ciscoios
12.4t:t
ciscoios
12.4xz:xz
ciscoios
12.4ya:ya
𝑥
= Vulnerable software versions
References
http://osvdb.org/58338
http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
http://www.securityfocus.com/bid/36495
http://www.securitytracker.com/id?1022933
http://www.vupen.com/english/advisories/2009/2759
http://osvdb.org/58338
http://tools.cisco.com/security/center/viewAlert.x?alertId=18876
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8119.shtml
http://www.securityfocus.com/bid/36495
http://www.securitytracker.com/id?1022933
http://www.vupen.com/english/advisories/2009/2759