fkie_cve-2009-1155
Vulnerability from fkie_nvd
Published
2009-04-09 15:08
Modified
2025-04-09 00:30
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
References
psirt@cisco.comhttp://osvdb.org/53441
psirt@cisco.comhttp://secunia.com/advisories/34607
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/34429
psirt@cisco.comhttp://www.securitytracker.com/id?1022016
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0981
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/53441
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34607
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34429
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1022016
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0981
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5500 7.1
cisco adaptive_security_appliance_5500 7.2
cisco adaptive_security_appliance_5500 8.0
cisco adaptive_security_appliance_5500 8.1
cisco pix 7.1
cisco pix 7.2
cisco pix 8.0
cisco pix 8.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "76EAF7E0-6C0A-4B62-8776-CDE7CEB4565A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97290344-5440-4797-9668-AA1050E87C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AB1C21E-6A68-4851-BCFC-12E8E5BE9610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC14168-91A7-4D42-9CEA-09AAA3BBE2B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4991BC7-B07D-4D8C-885C-136AD9D4E209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B161D0-D78B-4517-88AC-3A110F13C154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35649F68-BD09-4684-925D-620D99B42CE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:pix:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32C602C-E278-4DA2-B7D0-941FABA9ADC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Cisco Adaptive Security Appliances (ASA) 5500 Series y PIX Security Appliances v7.1(1) hasta v7.1(2)82, v7.2 anteriores a v7.2(4)27, v8.0 anteriores a v8.0(4)25, y v8.1 anteriores a v8.1(2)15, cuando introducimos en un campo de atributo general AAA, permite a atacantes remotos saltarse la autenticaci\u00f3n y establecer una sesi\u00f3n VPN a un dispositivo ASO mediante vectores no especificados."
    }
  ],
  "evaluatorImpact": "Per vendor advisory: http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml\r\n\r\n\"VPN Authentication Bypass Vulnerability\r\n\r\nCisco ASA or Cisco PIX security appliances that are configured for IPsec or SSL-based remote access VPN and have the Override Account Disabled feature enabled are affected by this vulnerability.\r\n\r\nNote:  The Override Account Disabled feature was introduced in Cisco ASA software version 7.1(1). Cisco ASA and PIX software versions 7.1, 7.2, 8.0, and 8.1 are affected by this vulnerability. This feature is disabled by default. \"",
  "id": "CVE-2009-1155",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-04-09T15:08:35.703",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/53441"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1022016"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/53441"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/34607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022016"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0981"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.