CVE-2012-0362

The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
ciscoios
12.2\(58\)ses
ciscoios
15.0\(1\)se
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://puck.nether.net/pipermail/cisco-nsp/2012-February/083517.html
http://www.securitytracker.com/id?1027005
http://puck.nether.net/pipermail/cisco-nsp/2012-February/083517.html
http://www.securitytracker.com/id?1027005