PT-2007-2403 · Cisco · Cisco Firewall Services Module

Published

2007-02-16

Updated

2017-07-29

CVE-2007-0968

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Cisco Firewall Services Module (FWSM) versions prior to 2.3(4.7) Cisco Firewall Services Module (FWSM) versions 3.x prior to 3.1(3.1)

Description: The issue causes the access control entries (ACE) in an ACL to be improperly evaluated. This allows remote authenticated users to bypass intended certain ACL protections.

Recommendations: For versions prior to 2.3(4.7), update to version 2.3(4.7) or later. For versions 3.x prior to 3.1(3.1), update to version 3.1(3.1) or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0968

Affected Products

Cisco Firewall Services Module

PT-2007-2403 · Cisco · Cisco Firewall Services Module

CVE-2007-0968

Related Identifiers

Affected Products

References · 7