CVE-2012-0362

EUVD-2012-0398
The extended ACL functionality in Cisco IOS 12.2(58)SE2 and 15.0(1)SE discards all lines that end with a log or time keyword, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending network traffic, aka Bug ID CSCts01106.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 36%
Affected Products (NVD)
VendorProductVersion
ciscoios
12.2\(58\)ses
ciscoios
15.0\(1\)se
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://puck.nether.net/pipermail/cisco-nsp/2012-February/083517.html
http://www.securitytracker.com/id?1027005
http://puck.nether.net/pipermail/cisco-nsp/2012-February/083517.html
http://www.securitytracker.com/id?1027005