Описание
The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:cisco:ios:12.2\(58\)ses:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.0\(1\)se:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00158
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106.
EPSS
Процентиль: 37%
0.00158
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-264