CVE-2009-0637
First published: Fri Mar 27 2009(Updated: )
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =12.2 | |
| Cisco IOS | =12.2b | |
| Cisco IOS | =12.2bc | |
| Cisco IOS | =12.2bw | |
| Cisco IOS | =12.2bx | |
| Cisco IOS | =12.2by | |
| Cisco IOS | =12.2bz | |
| Cisco IOS | =12.2ca | |
| Cisco IOS | =12.2cx | |
| Cisco IOS | =12.2cy | |
| Cisco IOS | =12.2cz | |
| Cisco IOS | =12.2da | |
| Cisco IOS | =12.2dd | |
| Cisco IOS | =12.2dx | |
| Cisco IOS | =12.2ew | |
| Cisco IOS | =12.2ewa | |
| Cisco IOS | =12.2ex | |
| Cisco IOS | =12.2ey | |
| Cisco IOS | =12.2ez | |
| Cisco IOS | =12.2fx | |
| Cisco IOS | =12.2fy | |
| Cisco IOS | =12.2fz | |
| Cisco IOS | =12.2irb | |
| Cisco IOS | =12.2ixa | |
| Cisco IOS | =12.2ixb | |
| Cisco IOS | =12.2ixc | |
| Cisco IOS | =12.2ixd | |
| Cisco IOS | =12.2ixe | |
| Cisco IOS | =12.2ixf | |
| Cisco IOS | =12.2ixg | |
| Cisco IOS | =12.2ja | |
| Cisco IOS | =12.2jk | |
| Cisco IOS | =12.2l | |
| Cisco IOS | =12.2mb | |
| Cisco IOS | =12.2mc | |
| Cisco IOS | =12.2rc | |
| Cisco IOS | =12.2s | |
| Cisco IOS | =12.2sb | |
| Cisco IOS | =12.2sbc | |
| Cisco IOS | =12.2sca | |
| Cisco IOS | =12.2sga | |
| Cisco IOS | =12.2sm | |
| Cisco IOS | =12.2so | |
| Cisco IOS | =12.2sr | |
| Cisco IOS | =12.2sra | |
| Cisco IOS | =12.2srb | |
| Cisco IOS | =12.2src | |
| Cisco IOS | =12.2su | |
| Cisco IOS | =12.2sv | |
| Cisco IOS | =12.2sva | |
| Cisco IOS | =12.2svc | |
| Cisco IOS | =12.2svd | |
| Cisco IOS | =12.2sve | |
| Cisco IOS | =12.2sw | |
| Cisco IOS | =12.2sx | |
| Cisco IOS | =12.2sxa | |
| Cisco IOS | =12.2sxb | |
| Cisco IOS | =12.2sxd | |
| Cisco IOS | =12.2sxe | |
| Cisco IOS | =12.2sxf | |
| Cisco IOS | =12.2sy | |
| Cisco IOS | =12.2sz | |
| Cisco IOS | =12.2t | |
| Cisco IOS | =12.2tpc | |
| Cisco IOS | =12.2xa | |
| Cisco IOS | =12.2xb | |
| Cisco IOS | =12.2xc | |
| Cisco IOS | =12.2xd | |
| Cisco IOS | =12.2xe | |
| Cisco IOS | =12.2xf | |
| Cisco IOS | =12.2xg | |
| Cisco IOS | =12.2xh | |
| Cisco IOS | =12.2xi | |
| Cisco IOS | =12.2xj | |
| Cisco IOS | =12.2xk | |
| Cisco IOS | =12.2xl | |
| Cisco IOS | =12.2xm | |
| Cisco IOS | =12.2xn | |
| Cisco IOS | =12.2xo | |
| Cisco IOS | =12.2xq | |
| Cisco IOS | =12.2xr | |
| Cisco IOS | =12.2xs | |
| Cisco IOS | =12.2xt | |
| Cisco IOS | =12.2xu | |
| Cisco IOS | =12.2xv | |
| Cisco IOS | =12.2xw | |
| Cisco IOS | =12.2ya | |
| Cisco IOS | =12.2yb | |
| Cisco IOS | =12.2yc | |
| Cisco IOS | =12.2yd | |
| Cisco IOS | =12.2ye | |
| Cisco IOS | =12.2yf | |
| Cisco IOS | =12.2yg | |
| Cisco IOS | =12.2yh | |
| Cisco IOS | =12.2yj | |
| Cisco IOS | =12.2yk | |
| Cisco IOS | =12.2yl | |
| Cisco IOS | =12.2ym | |
| Cisco IOS | =12.2yn | |
| Cisco IOS | =12.2yo | |
| Cisco IOS | =12.2yp | |
| Cisco IOS | =12.2yq | |
| Cisco IOS | =12.2yr | |
| Cisco IOS | =12.2ys | |
| Cisco IOS | =12.2yt | |
| Cisco IOS | =12.2yu | |
| Cisco IOS | =12.2yv | |
| Cisco IOS | =12.2yw | |
| Cisco IOS | =12.2yx | |
| Cisco IOS | =12.2yy | |
| Cisco IOS | =12.2yz | |
| Cisco IOS | =12.2za | |
| Cisco IOS | =12.2zb | |
| Cisco IOS | =12.2zc | |
| Cisco IOS | =12.2zd | |
| Cisco IOS | =12.2ze | |
| Cisco IOS | =12.2zf | |
| Cisco IOS | =12.2zg | |
| Cisco IOS | =12.2zh | |
| Cisco IOS | =12.2zj | |
| Cisco IOS | =12.2zl | |
| Cisco IOS | =12.2zp | |
| Cisco IOS | =12.2zu | |
| Cisco IOS | =12.2zx | |
| Cisco IOS | =12.2zy | |
| Cisco IOS | =12.2zya | |
| Cisco IOS | =12.4 | |
| Cisco IOS | =12.4\(1\) | |
| Cisco IOS | =12.4\(1b\) | |
| Cisco IOS | =12.4\(1c\) | |
| Cisco IOS | =12.4\(2\)mr | |
| Cisco IOS | =12.4\(2\)mr1 | |
| Cisco IOS | =12.4\(2\)t | |
| Cisco IOS | =12.4\(2\)t1 | |
| Cisco IOS | =12.4\(2\)t2 | |
| Cisco IOS | =12.4\(2\)t3 | |
| Cisco IOS | =12.4\(2\)t4 | |
| Cisco IOS | =12.4\(2\)xa | |
| Cisco IOS | =12.4\(2\)xb | |
| Cisco IOS | =12.4\(2\)xb2 | |
| Cisco IOS | =12.4\(3\) | |
| Cisco IOS | =12.4\(3\)t2 | |
| Cisco IOS | =12.4\(3a\) | |
| Cisco IOS | =12.4\(3b\) | |
| Cisco IOS | =12.4\(3d\) | |
| Cisco IOS | =12.4\(4\)mr | |
| Cisco IOS | =12.4\(4\)t | |
| Cisco IOS | =12.4\(4\)t2 | |
| Cisco IOS | =12.4\(5\) | |
| Cisco IOS | =12.4\(5b\) | |
| Cisco IOS | =12.4\(6\)t | |
| Cisco IOS | =12.4\(6\)t1 | |
| Cisco IOS | =12.4\(7\) | |
| Cisco IOS | =12.4\(7a\) | |
| Cisco IOS | =12.4\(8\) | |
| Cisco IOS | =12.4\(9\)t | |
| Cisco IOS | =12.4\(23\) | |
| Cisco IOS | =12.4ja | |
| Cisco IOS | =12.4jda | |
| Cisco IOS | =12.4jk | |
| Cisco IOS | =12.4jl | |
| Cisco IOS | =12.4jma | |
| Cisco IOS | =12.4jmb | |
| Cisco IOS | =12.4jx | |
| Cisco IOS | =12.4md | |
| Cisco IOS | =12.4mr | |
| Cisco IOS | =12.4s | |
| Cisco IOS | =12.4sw | |
| Cisco IOS | =12.4t | |
| Cisco IOS | =12.4xa | |
| Cisco IOS | =12.4xb | |
| Cisco IOS | =12.4xc | |
| Cisco IOS | =12.4xd | |
| Cisco IOS | =12.4xe | |
| Cisco IOS | =12.4xf | |
| Cisco IOS | =12.4xg | |
| Cisco IOS | =12.4xj | |
| Cisco IOS | =12.4xk | |
| Cisco IOS | =12.4xl | |
| Cisco IOS | =12.4xm | |
| Cisco IOS | =12.4xn | |
| Cisco IOS | =12.4xp | |
| Cisco IOS | =12.4xt | |
| Cisco IOS | =12.4xv | |
| Cisco IOS | =12.4xw | |
| Cisco IOS | =12.4xy | |
| Cisco IOS XRv 9000 | =12.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/34438
- http://securitytracker.com/id?1021899
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904c8.shtml
- http://www.securityfocus.com/bid/34247
- http://www.vupen.com/english/advisories/2009/0851
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49423
Frequently Asked Questions
What is the severity of CVE-2009-0637?
CVE-2009-0637 is rated as high severity due to the potential for remote file access and manipulation.
How do I fix CVE-2009-0637?
To fix CVE-2009-0637, it's recommended to upgrade to a version of Cisco IOS that is not vulnerable, specifically versions higher than the affected ranges.
What systems are affected by CVE-2009-0637?
CVE-2009-0637 affects Cisco IOS versions 12.2 through 12.4, including its various sub-versions.
What are the potential impacts of CVE-2009-0637?
The potential impacts of CVE-2009-0637 include unauthorized file access or overwriting by authenticated users.
Is there a workaround for CVE-2009-0637?
Disabling Role-Based CLI Access can serve as a temporary workaround for CVE-2009-0637 until a patch is applied.
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/12.2
- version/cisco ios/12.2b
- version/cisco ios/12.2bc
- version/cisco ios/12.2bw
- version/cisco ios/12.2bx
- version/cisco ios/12.2by
- version/cisco ios/12.2bz
- version/cisco ios/12.2ca
- version/cisco ios/12.2cx
- version/cisco ios/12.2cy
- version/cisco ios/12.2cz
- version/cisco ios/12.2da
- version/cisco ios/12.2dd
- version/cisco ios/12.2dx
- version/cisco ios/12.2ew
- version/cisco ios/12.2ewa
- version/cisco ios/12.2ex
- version/cisco ios/12.2ey
- version/cisco ios/12.2ez
- version/cisco ios/12.2fx
- version/cisco ios/12.2fy
- version/cisco ios/12.2fz
- version/cisco ios/12.2irb
- version/cisco ios/12.2ixa
- version/cisco ios/12.2ixb
- version/cisco ios/12.2ixc
- version/cisco ios/12.2ixd
- version/cisco ios/12.2ixe
- version/cisco ios/12.2ixf
- version/cisco ios/12.2ixg
- version/cisco ios/12.2ja
- version/cisco ios/12.2jk
- version/cisco ios/12.2l
- version/cisco ios/12.2mb
- version/cisco ios/12.2mc
- version/cisco ios/12.2rc
- version/cisco ios/12.2s
- version/cisco ios/12.2sb
- version/cisco ios/12.2sbc
- version/cisco ios/12.2sca
- version/cisco ios/12.2sga
- version/cisco ios/12.2sm
- version/cisco ios/12.2so
- version/cisco ios/12.2sr
- version/cisco ios/12.2sra
- version/cisco ios/12.2srb
- version/cisco ios/12.2src
- version/cisco ios/12.2su
- version/cisco ios/12.2sv
- version/cisco ios/12.2sva
- version/cisco ios/12.2svc
- version/cisco ios/12.2svd
- version/cisco ios/12.2sve
- version/cisco ios/12.2sw
- version/cisco ios/12.2sx
- version/cisco ios/12.2sxa
- version/cisco ios/12.2sxb
- version/cisco ios/12.2sxd
- version/cisco ios/12.2sxe
- version/cisco ios/12.2sxf
- version/cisco ios/12.2sy
- version/cisco ios/12.2sz
- version/cisco ios/12.2t
- version/cisco ios/12.2tpc
- version/cisco ios/12.2xa
- version/cisco ios/12.2xb
- version/cisco ios/12.2xc
- version/cisco ios/12.2xd
- version/cisco ios/12.2xe
- version/cisco ios/12.2xf
- version/cisco ios/12.2xg
- version/cisco ios/12.2xh
- version/cisco ios/12.2xi
- version/cisco ios/12.2xj
- version/cisco ios/12.2xk
- version/cisco ios/12.2xl
- version/cisco ios/12.2xm
- version/cisco ios/12.2xn
- version/cisco ios/12.2xo
- version/cisco ios/12.2xq
- version/cisco ios/12.2xr
- version/cisco ios/12.2xs
- version/cisco ios/12.2xt
- version/cisco ios/12.2xu
- version/cisco ios/12.2xv
- version/cisco ios/12.2xw
- version/cisco ios/12.2ya
- version/cisco ios/12.2yb
- version/cisco ios/12.2yc
- version/cisco ios/12.2yd
- version/cisco ios/12.2ye
- version/cisco ios/12.2yf
- version/cisco ios/12.2yg
- version/cisco ios/12.2yh
- version/cisco ios/12.2yj
- version/cisco ios/12.2yk
- version/cisco ios/12.2yl
- version/cisco ios/12.2ym
- version/cisco ios/12.2yn
- version/cisco ios/12.2yo
- version/cisco ios/12.2yp
- version/cisco ios/12.2yq
- version/cisco ios/12.2yr
- version/cisco ios/12.2ys
- version/cisco ios/12.2yt
- version/cisco ios/12.2yu
- version/cisco ios/12.2yv
- version/cisco ios/12.2yw
- version/cisco ios/12.2yx
- version/cisco ios/12.2yy
- version/cisco ios/12.2yz
- version/cisco ios/12.2za
- version/cisco ios/12.2zb
- version/cisco ios/12.2zc
- version/cisco ios/12.2zd
- version/cisco ios/12.2ze
- version/cisco ios/12.2zf
- version/cisco ios/12.2zg
- version/cisco ios/12.2zh
- version/cisco ios/12.2zj
- version/cisco ios/12.2zl
- version/cisco ios/12.2zp
- version/cisco ios/12.2zu
- version/cisco ios/12.2zx
- version/cisco ios/12.2zy
- version/cisco ios/12.2zya
- version/cisco ios/12.4
- version/cisco ios/12.4\(1\)
- version/cisco ios/12.4\(1b\)
- version/cisco ios/12.4\(1c\)
- version/cisco ios/12.4\(2\)mr
- version/cisco ios/12.4\(2\)mr1
- version/cisco ios/12.4\(2\)t
- version/cisco ios/12.4\(2\)t1
- version/cisco ios/12.4\(2\)t2
- version/cisco ios/12.4\(2\)t3
- version/cisco ios/12.4\(2\)t4
- version/cisco ios/12.4\(2\)xa
- version/cisco ios/12.4\(2\)xb
- version/cisco ios/12.4\(2\)xb2
- version/cisco ios/12.4\(3\)
- version/cisco ios/12.4\(3\)t2
- version/cisco ios/12.4\(3a\)
- version/cisco ios/12.4\(3b\)
- version/cisco ios/12.4\(3d\)
- version/cisco ios/12.4\(4\)mr
- version/cisco ios/12.4\(4\)t
- version/cisco ios/12.4\(4\)t2
- version/cisco ios/12.4\(5\)
- version/cisco ios/12.4\(5b\)
- version/cisco ios/12.4\(6\)t
- version/cisco ios/12.4\(6\)t1
- version/cisco ios/12.4\(7\)
- version/cisco ios/12.4\(7a\)
- version/cisco ios/12.4\(8\)
- version/cisco ios/12.4\(9\)t
- version/cisco ios/12.4\(23\)
- version/cisco ios/12.4ja
- version/cisco ios/12.4jda
- version/cisco ios/12.4jk
- version/cisco ios/12.4jl
- version/cisco ios/12.4jma
- version/cisco ios/12.4jmb
- version/cisco ios/12.4jx
- version/cisco ios/12.4md
- version/cisco ios/12.4mr
- version/cisco ios/12.4s
- version/cisco ios/12.4sw
- version/cisco ios/12.4t
- version/cisco ios/12.4xa
- version/cisco ios/12.4xb
- version/cisco ios/12.4xc
- version/cisco ios/12.4xd
- version/cisco ios/12.4xe
- version/cisco ios/12.4xf
- version/cisco ios/12.4xg
- version/cisco ios/12.4xj
- version/cisco ios/12.4xk
- version/cisco ios/12.4xl
- version/cisco ios/12.4xm
- version/cisco ios/12.4xn
- version/cisco ios/12.4xp
- version/cisco ios/12.4xt
- version/cisco ios/12.4xv
- version/cisco ios/12.4xw
- version/cisco ios/12.4xy
- canonical/cisco ios xrv 9000
- version/cisco ios xrv 9000/12.4