CVE-2009-0626
UnknownEPSS 1.97%
Last modified
CVE-2009-0626 is a vulnerability of currently unknown severity. The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.. EPSS estimates a 1.97% chance of exploitation in the next 30 days.
Description
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.3 |
| Cisco | Ios | 12.3b |
| Cisco | Ios | 12.3bc |
| Cisco | Ios | 12.3bw |
| Cisco | Ios | 12.3ja |
| Cisco | Ios | 12.3jea |
| Cisco | Ios | 12.3jeb |
| Cisco | Ios | 12.3jec |
| Cisco | Ios | 12.3jk |
| Cisco | Ios | 12.3jl |
| Cisco | Ios | 12.3jx |
| Cisco | Ios | 12.3t |
| Cisco | Ios | 12.3tpc |
| Cisco | Ios | 12.3va |
| Cisco | Ios | 12.3xa |
| Cisco | Ios | 12.3xb |
| Cisco | Ios | 12.3xc |
| Cisco | Ios | 12.3xd |
| Cisco | Ios | 12.3xf |
| Cisco | Ios | 12.3xg |
| Cisco | Ios | 12.3xi |
| Cisco | Ios | 12.3xj |
| Cisco | Ios | 12.3xk |
| Cisco | Ios | 12.3xl |
| Cisco | Ios | 12.3xq |
| Cisco | Ios | 12.3xs |
| Cisco | Ios | 12.3xu |
| Cisco | Ios | 12.3xw |
| Cisco | Ios | 12.3xx |
| Cisco | Ios | 12.3xy |
| Cisco | Ios | 12.3xz |
| Cisco | Ios | 12.3ya |
| Cisco | Ios | 12.3yd |
| Cisco | Ios | 12.3yf |
| Cisco | Ios | 12.3yg |
| Cisco | Ios | 12.3yh |
| Cisco | Ios | 12.3yi |
| Cisco | Ios | 12.3yj |
| Cisco | Ios | 12.3yk |
| Cisco | Ios | 12.3ym |
| Cisco | Ios | 12.3yq |
| Cisco | Ios | 12.3ys |
| Cisco | Ios | 12.3yt |
| Cisco | Ios | 12.3yu |
| Cisco | Ios | 12.3yx |
| Cisco | Ios | 12.3yz |
| Cisco | Ios | 12.4 |
| Cisco | Ios | 12.4ja |
| Cisco | Ios | 12.4jda |
| Cisco | Ios | 12.4jk |
Showing 50 of 77 affected configurations. See NVD for the full list.
References
- http://secunia.com/advisories/34438Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0851Vendor Advisory
- http://secunia.com/advisories/34438Vendor Advisory
- http://www.vupen.com/english/advisories/2009/0851Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-0626?
The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.
How severe is CVE-2009-0626?
Severity scoring for CVE-2009-0626 is pending analysis. The EPSS model estimates a 1.97% probability of exploitation in the next 30 days.
How do I fix CVE-2009-0626?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2009-0626?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST