CVE-2009-2631 (CNNVD-200912-055)
中文标题:
SSL VPN 权限许可和访问控制问题漏洞
英文标题:
Clientless SSL VPN products break web browser domain-based security models
漏洞描述
中文描述:
SSL VPN是采用SSL协议来实现远程接入的一种新型VPN技术。它包括:服务器认证,客户认证、SSL链路上的数据完整性和SSL链路上的数据保密性。 SSL VPN 存在安全漏洞,该漏洞允许远程访问攻击者进行跨站点脚本攻击、读取源自其他域的 cookie、访问 Web VPN 会话以获取内部资源的访问权限、执行密钥记录以及进行其他攻击。
英文描述:
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Cisco | Adaptive Security Appliance Web SSL VPN | * | - | - |
cpe:2.3:a:cisco:adaptive_security_appliance_web_ssl_vpn:*:*:*:*:*:*:*:*
|
| Palo Alto | PAN OS Web SSL VPN | * | - | - |
cpe:2.3:a:palo_alto:pan_os_web_ssl_vpn:*:*:*:*:*:*:*:*
|
| aladdin | safenet_securewire_access_gateway | * | - | - |
cpe:2.3:h:aladdin:safenet_securewire_access_gateway:*:*:*:*:*:*:*:*
|
| cisco | adaptive_security_appliance | * | - | - |
cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*
|
| sonicwall | e-class_ssl_vpn | * | - | - |
cpe:2.3:h:sonicwall:e-class_ssl_vpn:*:*:*:*:*:*:*:*
|
| sonicwall | ssl_vpn | * | - | - |
cpe:2.3:h:sonicwall:ssl_vpn:*:*:*:*:*:*:*:*
|
| stonesoft | stonegate | * | - | - |
cpe:2.3:h:stonesoft:stonegate:*:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
cve.org
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
nvd.nist.gov
CVSS评分详情
AV:N/AC:M/Au:N/C:P/I:P/A:P
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2009-2631 |
2025-11-11 15:18:11 | 2025-11-11 07:33:02 |
| NVD | nvd_CVE-2009-2631 |
2025-11-11 14:53:01 | 2025-11-11 07:41:50 |
| CNNVD | cnnvd_CNNVD-200912-055 |
2025-11-11 15:12:15 | 2025-11-11 07:49:40 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 权限许可和访问控制问题
- cnnvd_id: 未提取 -> CNNVD-200912-055
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- cvss_score: 未提取 -> 6.8
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:M/Au:N/C:P/I:P/A:P
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 2 -> 7
- references_count: 2 -> 25
- data_sources: ['cve'] -> ['cve', 'nvd']