VYPR
Unrated severityNVD Advisory· Published Sep 29, 2009· Updated Jun 16, 2026

CVE-2009-3457

CVE-2009-3457

Description

Cisco ACE XML Gateway (AXG) and ACE Web Application Firewall (WAF) before 6.1 allow remote attackers to obtain sensitive information via an HTTP request that lacks a handler, as demonstrated by (1) an OPTIONS request or (2) a crafted GET request, leading to a Message-handling Errors message containing a certain client intranet IP address, aka Bug ID CSCtb82159.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • cpe:2.3:h:cisco:ace_web_application_firewall:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:h:cisco:ace_web_application_firewall:*:*:*:*:*:*:*:*range: <=6.0\(3\)
    • cpe:2.3:h:cisco:ace_web_application_firewall:6.0\(0\):*:*:*:*:*:*:*
    • cpe:2.3:h:cisco:ace_web_application_firewall:6.0\(1\):*:*:*:*:*:*:*
    • cpe:2.3:h:cisco:ace_web_application_firewall:6.0\(2\):*:*:*:*:*:*:*
    • (no CPE)range: <6.1
  • cpe:2.3:h:cisco:ace_xml_gateway:*:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:h:cisco:ace_xml_gateway:*:*:*:*:*:*:*:*range: <=6.0\(3\)
    • cpe:2.3:h:cisco:ace_xml_gateway:6.0\(0\):*:*:*:*:*:*:*
    • cpe:2.3:h:cisco:ace_xml_gateway:6.0\(1\):*:*:*:*:*:*:*
    • cpe:2.3:h:cisco:ace_xml_gateway:6.0\(2\):*:*:*:*:*:*:*
    • (no CPE)range: <6.1

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.