Vulnerability in Cisco Carrier Routing System Allows Remote Access via Fragmented Packets
CVE-2012-1342

5.8MEDIUM

Key Information:

Vendor: Cisco
Status: Carrier Routing System
Vendor: CVE Published:; 6 August 2012

Summary

The Cisco Carrier Routing System (CRS) versions 3.9, 4.0, and 4.1 exhibit a vulnerability that permits remote attackers to bypass Access Control List (ACL) entries by leveraging fragmented packets. This flaw allows unauthorized individuals to gain access to sensitive data or services otherwise protected by ACLs. It's critical for users of these versions to ensure proper mitigation strategies are in place to safeguard against potential exploitation of this vulnerability.

References

http://www.cisco.com/cisco/software/release.html?mdfid=27...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 6, 2012