CVE-2009-4912
First published: Tue Jun 29 2010(Updated: )
Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco ASA 5580 | <=8.1\(1\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2009-4912?
CVE-2009-4912 has been classified as a high severity vulnerability due to its potential to allow unauthorized access to secure communications.
How do I fix CVE-2009-4912?
To fix CVE-2009-4912, update the Cisco Adaptive Security Appliance (ASA) to version 8.1(2) or later.
What devices are affected by CVE-2009-4912?
CVE-2009-4912 specifically affects Cisco Adaptive Security Appliance (ASA) 5580 series devices running software versions prior to 8.1(2).
Can CVE-2009-4912 be exploited remotely?
Yes, CVE-2009-4912 can be exploited remotely by attackers to bypass security restrictions through unauthorized SSL handshakes.
What is the impact of exploiting CVE-2009-4912?
Exploiting CVE-2009-4912 allows unauthorized HTTPS clients to establish sessions, potentially leading to unauthorized access to network resources.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/cisco
- canonical/cisco asa 5580
- version/cisco asa 5580/8.1\(1\)