- Description
- Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9A8528D-DF6A-4493-A77E-CBF08359F2E4"
},
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F90E9070-781D-4D3D-98EB-5B6DB9D3C75E"
}
],
"operator": "OR"
}
]
}
]