CVE-2017-6672

A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers through 21.x could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device. More Information: CSCvb99022 CSCvc16964 CSCvc37351 CSCvc54843 CSCvc63444 CSCvc77815 CSCvc88658 CSCve08955 CSCve14141 CSCve33870.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
ciscoasr_5000_series_software
19.3.5
ciscoasr_5000_series_software
19.3.11
ciscoasr_5000_series_software
19.3.12
ciscoasr_5000_series_software
19.6.0
ciscoasr_5000_series_software
19.6.3
ciscoasr_5000_series_software
19.6.6
ciscoasr_5000_series_software
20.1.v5:v5
ciscoasr_5000_series_software
20.2.4
ciscoasr_5000_series_software
20.2.12
ciscoasr_5000_series_software
20.3.0
ciscoasr_5000_series_software
20.3.1
ciscoasr_5000_series_software
21.0.v1.66638:v1.66638
ciscoasr_5000_series_software
21.0.v2:v2
ciscoasr_5000_series_software
21.1.0
ciscoasr_5000_series_software
21.1.2
ciscoasr_5000_series_software
21.1.m0.65710:m0.65710
ciscoasr_5000_series_software
21.1.m0.65921:m0.65921
ciscoasr_5000_series_software
21.1.m0.65931:m0.65931
ciscoasr_5000_series_software
21.1.m0.65986:m0.65986
ciscoasr_5000_series_software
21.1.v0:v0
ciscoasr_5000_series_software
21.2.a0.65914:a0.65914
ciscoasr_5000_series_software
21.2.a0.65995:a0.65995
ciscoasr_5000_series_software
21.3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/99921
http://www.securitytracker.com/id/1038962
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr1
http://www.securityfocus.com/bid/99921
http://www.securitytracker.com/id/1038962
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr1