1. Home
  2. CVE Database
  3. CVE-2009-0628
HIGH · 9.0

CVE-2009-0628

Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnorm...

Vulnerability Description

Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak.

CVSS Score

9.0

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:C
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoCisco Ios12.3

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2009-0628?

CVE-2009-0628 is a vulnerability with a CVSS score of 9.0 (HIGH). Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnorm...

How severe is CVE-2009-0628?

CVE-2009-0628 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-0628?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Cisco Ios.