var-200902-0538
Vulnerability from variot
Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI). Other attacks are also possible. Remote authentication users can execute arbitrary system commands through the command line interface
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200902-0538",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "application control engine module",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.0"
},
{
"model": "ace 4710",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "application control engine module",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "ace module a2",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": "ace 4710",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "a2(1.2)"
},
{
"model": "ace application control engine module",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "2.0 update a"
},
{
"model": "ace appliance a1",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "4710"
},
{
"model": "ace 4710",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1"
},
{
"model": "application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
},
{
"model": "ace appliance a3",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4710"
}
],
"sources": [
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
},
{
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:ace_4710",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:application_control_engine_module",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Security bulletin",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
}
],
"trust": 0.6
},
"cve": "CVE-2009-0622",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2009-0622",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-38068",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-0622",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2009-0622",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200902-613",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-38068",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38068"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
},
{
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI). Other attacks are also possible. Remote authentication users can execute arbitrary system commands through the command line interface",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0622"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "VULHUB",
"id": "VHN-38068"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0622",
"trust": 2.8
},
{
"db": "BID",
"id": "33900",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001382",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200902-613",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20090225 MULTIPLE VULNERABILITIES IN THE CISCO ACE APPLICATION CONTROL ENGINE MODULE AND CISCO ACE 4710 APPLICATION CONTROL ENGINE",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-38068",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38068"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
},
{
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"id": "VAR-200902-0538",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-38068"
}
],
"trust": 0.652438975
},
"last_update_date": "2024-11-23T21:56:40.500000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20090225-ace",
"trust": 0.8,
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc82.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080a7bc82.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/33900"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0622"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0622"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a0080a7bd0a.ht"
},
{
"trust": 0.3,
"url": "http://www.cisco.com"
},
{
"trust": 0.3,
"url": "/archive/1/501237"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38068"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
},
{
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-38068"
},
{
"db": "BID",
"id": "33900"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
},
{
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-26T00:00:00",
"db": "VULHUB",
"id": "VHN-38068"
},
{
"date": "2009-02-25T00:00:00",
"db": "BID",
"id": "33900"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"date": "2009-02-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-613"
},
{
"date": "2009-02-26T16:17:20.157000",
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-38068"
},
{
"date": "2009-03-09T22:26:00",
"db": "BID",
"id": "33900"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001382"
},
{
"date": "2009-02-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-613"
},
{
"date": "2024-11-21T01:00:32.533000",
"db": "NVD",
"id": "CVE-2009-0622"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Catalyst 6500 Switch and 7600 For router Cisco ACE Application Control Engine Modules and Cisco ACE 4710 Application Control Engine Appliance In any OS Command execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001382"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-613"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…