Lucene search

MitreCVE-2001-0865

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0865

2002-03-0905:00:00

mitre

web.nvd.nist.gov

cisco 12000

ios 12.0

security vulnerability

fragment keyword

acl

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.005

Percentile

75.7%

JSON

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the “fragment” keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.

Affected configurations

Nvd

Node

cisco12000_router

VendorProductVersionCPE
cisco12000_router*cpe:2.3:h:cisco:12000_router:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	12000_router	*	cpe:2.3:h:cisco:12000_router::::::::

References

www.ciac.org/ciac/bulletins/m-018.shtml

www.cisco.com/warp/public/707/GSR-ACL-pub.shtml

www.osvdb.org/1988

www.securityfocus.com/bid/3540

exchange.xforce.ibmcloud.com/vulnerabilities/7552

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

Low

EPSS

0.005

Percentile

75.7%

JSON

Related for CVE-2001-0865