CVE-2001-0864

high

Description

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7553

http://www.securityfocus.com/bid/3536

http://www.osvdb.org/1986

http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml

http://www.ciac.org/ciac/bulletins/m-018.shtml

Details

Source: Mitre, NVD

Published: 2001-12-06

Updated: 2017-10-10

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High