Access Control Bypass Issue in Cisco Firewall Services Module
CVE-2007-0968

Currently unrated

Key Information:

Vendor: Cisco
Status: Firewall Services Module
Vendor: CVE Published:; 16 February 2007

Summary

The vulnerability in the Cisco Firewall Services Module allows for improper evaluation of access control entries (ACE) within an access control list (ACL). This misconfiguration can enable remote authenticated users to bypass specific ACL protections, potentially exposing the network to unauthorized access. Various versions prior to 2.3(4.7) and 3.1(3.1) are affected, posing a significant risk to organizations relying on these firewall services. Timely updates and patches are essential to mitigate these vulnerabilities.

References

http://www.vupen.com/english/advisories/2007/0609

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/22561

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/32521

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 16, 2007
Vulnerability Reserved
Feb 15, 2007