CVE-2001-0864 : Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule

Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions.

Published 2001-12-06 05:00:00

Updated 2017-10-10 01:29:55

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2001-0864

Probability of exploitation activity in the next 30 days: 0.39%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 70 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2001-0864

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2001-0864

Products affected by CVE-2001-0864

Cisco » 12000 Router
cpe:2.3:h:cisco:12000_router:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2001-0864

Exploit prediction scoring system (EPSS) score for CVE-2001-0864

CVSS scores for CVE-2001-0864

References for CVE-2001-0864

Products affected by CVE-2001-0864