CVE-2009-0626

Cisco Security Advisory 20090325-webvpn

Severity Score

7.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet.

La funcionalidad SSLVPN en Cisco IOS v12.3 hasta v12.4 permite a atacantes remotos provocar una denegación de servicio (reinicio o cuelgue del dispositivo) mediante paquetes HTTPS manipulados.

Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition. A crafted HTTPS packet will crash device. SSLVPN sessions cause a memory leak in the device.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-02-18 CVE Reserved
2009-03-26 CVE Published
2024-08-07 CVE Updated
2025-08-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-399: Resource Management Errors

CAPEC

References (8)

URL	Tag	Source
http://securitytracker.com/id?1021896	Vdb Entry
http://www.securityfocus.com/bid/34239	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/49425	Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6919	Signature

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/34438	2017-09-29
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90424.shtml	2017-09-29
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml	2017-09-29
http://www.vupen.com/english/advisories/2009/0851	2017-09-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3 Search vendor "Cisco" for product "Ios" and version "12.3"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3b Search vendor "Cisco" for product "Ios" and version "12.3b"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3bc Search vendor "Cisco" for product "Ios" and version "12.3bc"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3bw Search vendor "Cisco" for product "Ios" and version "12.3bw"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3ja Search vendor "Cisco" for product "Ios" and version "12.3ja"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3jea Search vendor "Cisco" for product "Ios" and version "12.3jea"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3jeb Search vendor "Cisco" for product "Ios" and version "12.3jeb"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3jec Search vendor "Cisco" for product "Ios" and version "12.3jec"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3jk Search vendor "Cisco" for product "Ios" and version "12.3jk"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3jl Search vendor "Cisco" for product "Ios" and version "12.3jl"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3jx Search vendor "Cisco" for product "Ios" and version "12.3jx"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3t Search vendor "Cisco" for product "Ios" and version "12.3t"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3tpc Search vendor "Cisco" for product "Ios" and version "12.3tpc"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3va Search vendor "Cisco" for product "Ios" and version "12.3va"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xa Search vendor "Cisco" for product "Ios" and version "12.3xa"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xb Search vendor "Cisco" for product "Ios" and version "12.3xb"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xc Search vendor "Cisco" for product "Ios" and version "12.3xc"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xd Search vendor "Cisco" for product "Ios" and version "12.3xd"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xf Search vendor "Cisco" for product "Ios" and version "12.3xf"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xg Search vendor "Cisco" for product "Ios" and version "12.3xg"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xi Search vendor "Cisco" for product "Ios" and version "12.3xi"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xj Search vendor "Cisco" for product "Ios" and version "12.3xj"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xk Search vendor "Cisco" for product "Ios" and version "12.3xk"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xl Search vendor "Cisco" for product "Ios" and version "12.3xl"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xq Search vendor "Cisco" for product "Ios" and version "12.3xq"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xs Search vendor "Cisco" for product "Ios" and version "12.3xs"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xu Search vendor "Cisco" for product "Ios" and version "12.3xu"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xw Search vendor "Cisco" for product "Ios" and version "12.3xw"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xx Search vendor "Cisco" for product "Ios" and version "12.3xx"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xy Search vendor "Cisco" for product "Ios" and version "12.3xy"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3xz Search vendor "Cisco" for product "Ios" and version "12.3xz"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3ya Search vendor "Cisco" for product "Ios" and version "12.3ya"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yd Search vendor "Cisco" for product "Ios" and version "12.3yd"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yf Search vendor "Cisco" for product "Ios" and version "12.3yf"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yg Search vendor "Cisco" for product "Ios" and version "12.3yg"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yh Search vendor "Cisco" for product "Ios" and version "12.3yh"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yi Search vendor "Cisco" for product "Ios" and version "12.3yi"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yj Search vendor "Cisco" for product "Ios" and version "12.3yj"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yk Search vendor "Cisco" for product "Ios" and version "12.3yk"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3ym Search vendor "Cisco" for product "Ios" and version "12.3ym"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yq Search vendor "Cisco" for product "Ios" and version "12.3yq"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3ys Search vendor "Cisco" for product "Ios" and version "12.3ys"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yt Search vendor "Cisco" for product "Ios" and version "12.3yt"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yu Search vendor "Cisco" for product "Ios" and version "12.3yu"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yx Search vendor "Cisco" for product "Ios" and version "12.3yx"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.3yz Search vendor "Cisco" for product "Ios" and version "12.3yz"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4 Search vendor "Cisco" for product "Ios" and version "12.4"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4ja Search vendor "Cisco" for product "Ios" and version "12.4ja"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4jda Search vendor "Cisco" for product "Ios" and version "12.4jda"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4jk Search vendor "Cisco" for product "Ios" and version "12.4jk"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4jl Search vendor "Cisco" for product "Ios" and version "12.4jl"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4jma Search vendor "Cisco" for product "Ios" and version "12.4jma"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4jmb Search vendor "Cisco" for product "Ios" and version "12.4jmb"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4jx Search vendor "Cisco" for product "Ios" and version "12.4jx"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4md Search vendor "Cisco" for product "Ios" and version "12.4md"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4mr Search vendor "Cisco" for product "Ios" and version "12.4mr"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4sw Search vendor "Cisco" for product "Ios" and version "12.4sw"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4t Search vendor "Cisco" for product "Ios" and version "12.4t"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xa Search vendor "Cisco" for product "Ios" and version "12.4xa"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xb Search vendor "Cisco" for product "Ios" and version "12.4xb"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xc Search vendor "Cisco" for product "Ios" and version "12.4xc"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xd Search vendor "Cisco" for product "Ios" and version "12.4xd"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xf Search vendor "Cisco" for product "Ios" and version "12.4xf"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xg Search vendor "Cisco" for product "Ios" and version "12.4xg"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xj Search vendor "Cisco" for product "Ios" and version "12.4xj"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xk Search vendor "Cisco" for product "Ios" and version "12.4xk"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xl Search vendor "Cisco" for product "Ios" and version "12.4xl"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xm Search vendor "Cisco" for product "Ios" and version "12.4xm"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xn Search vendor "Cisco" for product "Ios" and version "12.4xn"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xp Search vendor "Cisco" for product "Ios" and version "12.4xp"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xq Search vendor "Cisco" for product "Ios" and version "12.4xq"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xt Search vendor "Cisco" for product "Ios" and version "12.4xt"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xv Search vendor "Cisco" for product "Ios" and version "12.4xv"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xw Search vendor "Cisco" for product "Ios" and version "12.4xw"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xy Search vendor "Cisco" for product "Ios" and version "12.4xy"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4xz Search vendor "Cisco" for product "Ios" and version "12.4xz"		-		Affected
Cisco Search vendor "Cisco"		Ios Search vendor "Cisco" for product "Ios"				12.4ya Search vendor "Cisco" for product "Ios" and version "12.4ya"		-		Affected