A vulnerability in the access control list (ACL) programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 07 Nov 2024 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-11-07T21:59:32.824Z

Reserved: 2021-06-15T00:00:00

Link: CVE-2021-34696

cve-icon Vulnrichment

Updated: 2024-08-04T00:19:47.976Z

cve-icon NVD

Status : Modified

Published: 2021-09-23T03:15:15.633

Modified: 2024-11-21T06:10:58.117

Link: CVE-2021-34696

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.