CVE-2015-0610

medium

Description

Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/100807

http://www.securitytracker.com/id/1031732

http://www.securityfocus.com/bid/72565

http://tools.cisco.com/security/center/viewAlert.x?alertId=37423

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0610

Details

Source: Mitre, NVD

Published: 2015-02-12

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00247