Security Flaw in Cisco Adaptive Security Appliances and PIX Security Appliances
CVE-2009-1160

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix; Adaptive Security Appliance 5500
Vendor: CVE Published:; 9 April 2009

Summary

Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances prior to specified versions do not enforce the implicit deny policy effectively, allowing remote attackers to send malicious packets that could bypass the intended access controls. This vulnerability poses a significant risk, potentially enabling unauthorized access and network exploitation. Organizations using affected products must address this flaw to secure their network infrastructure.

References

http://www.vupen.com/english/advisories/2009/0981

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/34429

vdb-entryx_refsource_BID

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Apr 9, 2009
Vulnerability Reserved
Mar 26, 2009