CVE-1999-1466 — Cisco IOS vulnerability

2 documents2 sources

Severity

7.5HIGHNVD

EPSS

0.3%

top 47.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedDec 10

Latest updateApr 30

Description

Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDcisco/ios4 versions+3

Patches

Patch: www.cert.org ↗Patch: www.securityfocus.com ↗Patch: www.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-f5hf-wrxf-wr76: Vulnerability in Cisco routers versions 8↗2022-04-30

▶