Access Control List Bypass in Cisco ASR 5000 Series Routers
CVE-2017-6672

7.5HIGH

Key Information:

Vendor

Cisco
Status
Cisco Asr 5000 Series Aggregation Services Routers
Vendor
CVE Published:
25 July 2017

What is CVE-2017-6672?

A vulnerability in the access control list (ACL) filtering mechanisms of Cisco ASR 5000 Series Aggregation Services Routers could allow unauthenticated remote attackers to bypass established ACL rules. This enables potential unauthorized access and manipulation of network traffic, raising significant security concerns for organizations utilizing these devices. Affected versions range up to 21.x, highlighting the necessity for diligent patch management and monitoring of network configurations. For more information, consult the Cisco security advisory and related references.

Affected Version(s)

Cisco ASR 5000 Series Aggregation Services Routers Cisco ASR 5000 Series Aggregation Services Routers

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/99921
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038962
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.