VYPR
Unrated severityNVD Advisory· Published Jul 15, 2009· Updated Jun 16, 2026

CVE-2009-1135

CVE-2009-1135

Description

Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold and SP1, when Radius OTP is enabled, uses the HTTP-Basic authentication method, which allows remote attackers to gain the privileges of an arbitrary account, and access published web pages, via vectors involving attempted access to a network resource behind the ISA Server, aka "Radius OTP Bypass Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.

CVE-2009-1135 · VYPR