CVE-2009-0637
N/A
N/A
Summary
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904c8.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
- http://secunia.com/advisories/34438
- http://securitytracker.com/id?1021899
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49423
- http://www.securityfocus.com/bid/34247
- http://www.vupen.com/english/advisories/2009/0851
References
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a904c8.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90469.shtml
- http://secunia.com/advisories/34438
- http://securitytracker.com/id?1021899
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49423
- http://www.securityfocus.com/bid/34247
- http://www.vupen.com/english/advisories/2009/0851
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.