CVE-2021-34696

A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:10

Type Values Removed Values Added
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr900acl-UeEyCxkv - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr900acl-UeEyCxkv - Vendor Advisory

Information

Published : 2021-09-23 03:15

Updated : 2024-11-21 06:10


NVD link : CVE-2021-34696

Mitre link : CVE-2021-34696

CVE.ORG link : CVE-2021-34696


JSON object : View

Products Affected

cisco

  • asr_920-24tz-m
  • asr_920-24sz-m
  • asr_902
  • asr_920-24tz-m_r
  • asr_920-12sz-im_r
  • asr_920-12cz-a
  • asr_920-4sz-a
  • asr_920-4sz-d
  • ios_xe
  • asr_920-24sz-m_r
  • asr_903
  • asr_920-10sz-pd_r
  • asr_920-24sz-im
  • asr_920-4sz-d_r
  • asr_920-10sz-pd
  • asr_920-24sz-im_r
  • asr_920-12cz-d
  • asr_920-12cz-d_r
  • asr_920-12cz-a_r
  • asr_907
  • asr_920-12sz-im
  • asr_920-4sz-a_r
  • asr_920u-12sz-im
CWE
CWE-284

Improper Access Control

NVD-CWE-Other