7.5

CVE-2001-0864

EPSS 0.6%
Veröffentlicht 06.12.2001 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ 12000 Router

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.6%	0.67

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://www.ciac.org/ciac/bulletins/m-018.shtml

http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml

Patch

Vendor Advisory

http://www.osvdb.org/1986

http://www.securityfocus.com/bid/3536

https://exchange.xforce.ibmcloud.com/vulnerabilities/7553

https://nvd.nist.gov/vuln/detail/CVE-2001-0864

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-0864

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-0864

EUVD