CVE-2009-4913 — Cisco ASA 5580 vulnerability

CWE-2643 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.1%

top 73.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco ASA 5580

Timeline

PublishedJun 29

Latest updateMay 2

Description

The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/asa_55808.1\(1\)

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-jjqv-555m-3f57: The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8↗2022-05-02

▶

CVEList

CVE-2009-4913: The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8↗2010-06-29

▶