5.8

CVE-2021-34696

A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoIos Xe Version <= 17.3.2
   CiscoAsr 902 Version-
   CiscoAsr 903 Version-
   CiscoAsr 907 Version-
   CiscoAsr 920-10sz-pd Version-
   CiscoAsr 920-10sz-pd R Version-
   CiscoAsr 920-12cz-a Version-
   CiscoAsr 920-12cz-a R Version-
   CiscoAsr 920-12cz-d Version-
   CiscoAsr 920-12cz-d R Version-
   CiscoAsr 920-12sz-im Version-
   CiscoAsr 920-12sz-im R Version-
   CiscoAsr 920-24sz-im Version-
   CiscoAsr 920-24sz-im R Version-
   CiscoAsr 920-24sz-m Version-
   CiscoAsr 920-24sz-m R Version-
   CiscoAsr 920-24tz-m Version-
   CiscoAsr 920-24tz-m R Version-
   CiscoAsr 920-4sz-a Version-
   CiscoAsr 920-4sz-a R Version-
   CiscoAsr 920-4sz-d Version-
   CiscoAsr 920-4sz-d R Version-
   CiscoAsr 920u-12sz-im Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.26% 0.5
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
psirt@cisco.com 5.8 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.