Cisco Bug: CSCtb31575 - Custom Java-based extensions for AXG may be vulnerable to CVE-2009-2625
Feb 22, 2017
- Cisco ACE XML Gateways
- Cisco ACE XML Gateway
Known Affected Releases
Symptom: Custom Java-based extensions for AXG may be vulnerable to CVE-2009-2625. Conditions: The vulnerability is found inside XML parser in JDK and allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML. None of the certified Cisco-created extensions are affected by this issue.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases