CVE-2015-0610

Sažetak

Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding (CEF) switching, aka Bug ID CSCun21071.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0610
http://tools.cisco.com/security/center/viewAlert.x?alertId=37423
http://www.securityfocus.com/bid/72565
http://www.securitytracker.com/id/1031732
https://exchange.xforce.ibmcloud.com/vulnerabilities/100807

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

08-09-2017 - 01:29

Objavljeno

12-02-2015 - 01:59