CVE-2009-0638

CWE-3994 documents4 sources

Severity

7.8HIGH

EPSS

1.5%

top 18.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firewall Services Module

Timeline

PublishedAug 21

Latest updateMay 2

Description

The Cisco Firewall Services Module (FWSM) 2.x, 3.1 before 3.1(16), 3.2 before 3.2(13), and 4.0 before 4.0(6) for Cisco Catalyst 6500 switches and Cisco 7600 routers allows remote attackers to cause a denial of service (traffic-handling outage) via a series of malformed ICMP messages.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/firewall_services_module14 versions+13

Patches

Patch: www.cisco.com ↗Patch: www.securityfocus.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-jmpc-v965-868j: The Cisco Firewall Services Module (FWSM) 2↗2022-05-02

▶

CVEList

CVE-2009-0638: The Cisco Firewall Services Module (FWSM) 2↗2009-08-20

▶

📋Vendor Advisories

Cisco

Firewall Services Module Crafted ICMP Message Vulnerability↗2009-08-19

▶