Vulnerability in Cisco Asr_9001
CVE-2015-0694
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not…
EPSS: 0.004 (58.9th percentile) — read the EPSS interpretation.
Affected products
- Cisco Asr_9001
- Cisco Asr_9006
- Cisco Asr_9010
- Cisco Asr_9904
- Cisco Asr_9912
- Cisco Asr_9922
- Cisco Ios_xr — versions 5.3.0_base
- N/a — versions n/a
Weakness classification (CWE)
References
- 20150409 Cisco Aggregate Services Router 9000 ASR9K Security Bypass Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- 1032059 (vdb-entry, x_refsource_SECTRACK)