CVE-2012-1342Incorrect Authorization in Cisco Carrier Routing System

CWE-863Incorrect AuthorizationCWE-2644 documents4 sources
Severity
5.8MEDIUMNVD
EPSS
0.1%
top 64.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Carrier Routing System
Timeline
PublishedAug 6
Latest updateMay 13

Description

Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL entries via fragmented packets, aka Bug ID CSCtj10975.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

NVDcisco/carrier_routing_system3.9.0, 4.0.0, 4.1.0+2

🔴Vulnerability Details

2
GHSA
GHSA-jxf6-q59w-r36q: Cisco Carrier Routing System (CRS) 32022-05-13
CVEList
CVE-2012-1342: Cisco Carrier Routing System (CRS) 32012-08-06

📋Vendor Advisories

1
Cisco
Cisco Carrier Routing System Security Bypass Vulnerability2012-08-10
CVE-2012-1342 — Incorrect Authorization in Cisco | cvebase