CVE-2009-2862 — Improper Authentication in Cisco IOS

Vendor	Product	Version range	Fixed in
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—

Cisco

Cisco IOS Software Object-group Access Control List Bypass Vulnerability

vendor_cisco·2009-09-23·CVSS 4.3

CVE-2009-2862 [MEDIUM] CWE-287 Cisco IOS Software Object-group Access Control List Bypass Vulnerability Cisco IOS Software Object-group Access Control List Bypass Vulnerability A vulnerability exists in Cisco IOS® software where an unauthenticated attacker could bypass access control policies when the Object Groups for Access Control Lists (ACLs) feature is used. Cisco has released software updates that address this vulnerability. There are no workarounds for this vulnerability other than disabling the Object Groups for ACLs feature. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-acl. Note: The September 23, 2009, Cisco IOS Security Advisory bundled publication includes eleven Security Advisories. Ten of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability in Ci

Cisco

Cisco IOS Software Object-group Access Control List Bypass Vulnerability

vendor_cisco

CVE-2009-2862 Cisco IOS Software Object-group Access Control List Bypass Vulnerability CVE-2009-2862: Cisco IOS Software Object-group Access Control List Bypass Vulnerability A vulnerability exists in Cisco IOS � software where an unauthenticated attacker could bypass access control policies when the Object Groups for Access Control Lists (ACLs) feature is used. Cisco has released software updates that address this vulnerability. There are no CWE: CWE-287, CWE-287 Bug IDs: CSCsu50252, CSCsu70214, CSCsv48603, CSCsu50252, CSCsu70214

GHSA

GHSA-jv67-6q9j-gjmg: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12

ghsa_unreviewed·2022-05-02

CVE-2009-2862 [MEDIUM] GHSA-jv67-6q9j-gjmg: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12 The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252.

CVE-2009-2862: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to…

Affected