A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 06:10
Type | Values Removed | Values Added |
---|---|---|
References | () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr900acl-UeEyCxkv - Vendor Advisory |
Information
Published : 2021-09-23 03:15
Updated : 2024-11-21 06:10
NVD link : CVE-2021-34696
Mitre link : CVE-2021-34696
CVE.ORG link : CVE-2021-34696
JSON object : View
Products Affected
cisco
- asr_920-24tz-m
- asr_920-24sz-m
- asr_902
- asr_920-24tz-m_r
- asr_920-12sz-im_r
- asr_920-12cz-a
- asr_920-4sz-a
- asr_920-4sz-d
- ios_xe
- asr_920-24sz-m_r
- asr_903
- asr_920-10sz-pd_r
- asr_920-24sz-im
- asr_920-4sz-d_r
- asr_920-10sz-pd
- asr_920-24sz-im_r
- asr_920-12cz-d
- asr_920-12cz-d_r
- asr_920-12cz-a_r
- asr_907
- asr_920-12sz-im
- asr_920-4sz-a_r
- asr_920u-12sz-im
CWE