ID |
CVE-2001-0864
|
Summary |
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 7.5 (as of 10-10-2017 - 01:29) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bid | 3536 | ciac | M-018 | cisco | 20011114 Multiple Vulnerabilities in Access Control List Implementation for Cisco 12000 Series Internet Router | osvdb | 1986 | xf | cisco-acl-deny-ip(7553) |
|
Last major update |
10-10-2017 - 01:29 |
Published |
06-12-2001 - 05:00 |
Last modified |
10-10-2017 - 01:29 |