CVE-2024-20322

Severity Score

5.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

A vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.
This vulnerability is due to improper assignment of lookup keys to internal interface contexts. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access resources behind the affected device that were supposed to be protected by a configured ACL.

Una vulnerabilidad en el procesamiento de la lista de control de acceso (ACL) en interfaces Pseudowire en la dirección de ingreso del software Cisco IOS XR podría permitir que un atacante remoto no autenticado omita una ACL configurada. Esta vulnerabilidad se debe a una asignación incorrecta de claves de búsqueda a contextos de interfaz interna. Un atacante podría aprovechar esta vulnerabilidad intentando enviar tráfico a través de un dispositivo afectado. Un exploit exitoso podría permitir al atacante acceder a recursos detrás del dispositivo afectado que se suponía estaban protegidos por una ACL configurada.

*Credits: N/A

CVSS Scores

Ciscov3.1 5.8

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-11-08 CVE Reserved
2024-03-13 CVE Published
2024-03-14 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-284: Improper Access Control

CAPEC

References (1)

URL	Tag	Source
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-acl-bypass-RZU5NL3e

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Cisco IOS XR Software Search vendor "Cisco" for product "Cisco IOS XR Software"				7.10.2 Search vendor "Cisco" for product "Cisco IOS XR Software" and version "7.10.2"		en		Affected
Cisco Search vendor "Cisco"		Cisco IOS XR Software Search vendor "Cisco" for product "Cisco IOS XR Software"				7.11.1 Search vendor "Cisco" for product "Cisco IOS XR Software" and version "7.11.1"		en		Affected