CVE-2009-4918Improper Input Validation in Cisco ASA 5580

CWE-20Improper Input Validation5 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.8%
top 25.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco ASA 5580
Timeline
PublishedJun 29
Latest updateMay 2

Description

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/asa_55808.1\(1\)

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-g96g-4732-wvqh: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 82022-05-02
CVEList
CVE-2009-4918: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 82010-06-29

💥Exploits & PoCs

2
Exploit-DB
Elxis CMS 2009 - 'index.php?task' Cross-Site Scripting2011-12-05
Exploit-DB
Elxis CMS 2009 - 'administrator/index.php' URI Cross-Site Scripting2011-12-05
CVE-2009-4918 — Improper Input Validation in Cisco | cvebase