CVE-2009-2863: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the…

CVE-2009-2863 [HIGH] CWE-399 Cisco IOS Software Authentication Proxy Vulnerability Cisco IOS Software Authentication Proxy Vulnerability Cisco IOS® Software configured with Authentication Proxy for HTTP(S), Web Authentication or the consent feature, contains a vulnerability that may allow an unauthenticated session to bypass the authentication proxy server or bypass the consent webpage. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20090923-auth-proxy Note: The September 23, 2009, Cisco IOS Security Advisory bundled publication includes eleven Security Advisories. Ten of the advisories address vulnerabilities in Cisco IOS Software, and one advisory addresses a vulnerability

CVE-2009-2863 Cisco IOS Software Authentication Proxy Vulnerability CVE-2009-2863: Cisco IOS Software Authentication Proxy Vulnerability Cisco IOS � Software configured with Authentication Proxy for HTTP(S), Web Authentication or the consent feature, contains a vulnerability that may allow an unauthenticated session to bypass the authentication proxy server or bypass the consent webpage. Cisco has released software updates that address this vulnerability. There are no CWE: CWE-399, CWE-399 Bug IDs: CSCsy15227, CSCsy15227

CVE-2009-2863 [HIGH] CWE-287 GHSA-r2mm-qr53-2j54: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12 Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.