Описание
Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 15.5\(2\)t (включая)
Одно из
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(1\)t:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5\(1\)t1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:15.5t:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.00247
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-362
Связанные уязвимости
github
больше 3 лет назад
Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071.
EPSS
Процентиль: 48%
0.00247
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-362