CVE-2001-0867

high

Description

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7555

http://www.securityfocus.com/bid/3538

http://www.osvdb.org/1989

http://www.cisco.com/warp/public/707/GSR-ACL-pub.shtml

http://www.ciac.org/ciac/bulletins/m-018.shtml

Details

Source: Mitre, NVD

Published: 2001-12-06

Updated: 2017-10-10

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N