Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2017-12213
HistorySep 07, 2017 - 9:00 p.m.

CVE-2017-12213

2017-09-0721:00:00
CWE-287
cisco
www.cve.org
3

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

40.2%

JSON

A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dynamic ACL assignment to fail and the port to fail open. This could allow the attacker to pass traffic to the default VLAN of the affected port. The vulnerability is due to an uncaught error condition that may occur during the reassignment of the auth-default-ACL dynamic ACL to a switch port after 802.1x authentication fails. A successful exploit of this issue could allow a physically adjacent attacker to bypass 802.1x authentication and cause the affected port to fail open, allowing the attacker to pass traffic to the default VLAN of the affected switch port. Cisco Bug IDs: CSCvc72751.

CNA Affected

[
  {
    "product": "Cisco Catalyst 4000 Series Switches",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Catalyst 4000 Series Switches"
      }
    ]
  }
]

Related

cisco 1
cve 1
prion 1
nvd 1
cisco
cisco
Cisco Catalyst 4000 Series Switches Dynamic ACL Bypass Vulnerability
2017-09-06 16:00:00
cve
cve
CVE-2017-12213
2017-09-07 21:29:00
prion
prion
Input validation
2017-09-07 21:29:00
nvd
nvd
CVE-2017-12213
2017-09-07 21:29:00

AI Score

4.9

Confidence

High

EPSS

0.001

Percentile

40.2%

JSON
Related for CVELIST:CVE-2017-12213
cisco1cve1prion1nvd1