Описание
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
Ссылки
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:cisco:ios:8.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:8.3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:9.0:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:9.1:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00296
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.
EPSS
Процентиль: 53%
0.00296
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other