Vulnerability Name:

CVE-2000-0700 (CCN-2267)

Assigned:1999-06-10
Published:1999-06-10
Updated:2008-09-05
Summary:Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-1999-0775

Source: MITRE
Type: CNA
CVE-2000-0700

Source: CISCO
Type: Patch, Vendor Advisory
20000803 Possible Access Control Bypass and Denial of Service in Gigabit Switch Routers Using Gigabit Ethernet or Fast Ethernet Cards

Source: CCN
Type: Cisco Systems Field Notice, June 10, 1999
Cisco IOS Software established Access List Keyword Error

Source: OSVDB
Type: UNKNOWN
793

Source: OSVDB
Type: UNKNOWN
798

Source: CCN
Type: OSVDB ID: 793
Cisco Gigabit Switch Routers (GSR) Line Card Failure ACL Bypass

Source: CCN
Type: OSVDB ID: 798
Cisco Gigabit Switch Routers (GSR) Line Card Failure Remote DoS

Source: CCN
Type: OSVDB ID: 8893
Cisco Gigabit Switch Routers Established Keyword Packet Forwarding

Source: BID
Type: Patch, Vendor Advisory
1541

Source: CCN
Type: BID-1541
Cisco Gigabit Switch Router with Fast/Gigabit Ethernet Cards ACL Bypass/DoS Vulnerabilities

Source: XF
Type: UNKNOWN
cisco-gigaswitch(2267)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:ios:11.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(8):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(10):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2p:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.3(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(2):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(3):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(4):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(5):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(6):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(7)t:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/h:cisco:gigabit_switch_router_12008:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12012:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12016:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:cisco:ios:12.0:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.1:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.3:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2p:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12008:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12012:*:*:*:*:*:*:*:*
  • OR cpe:/h:cisco:gigabit_switch_router_12016:*:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(10):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(8):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(14)gs2:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.2(15)g:*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:11.3(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(1):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(2):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(3):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(4):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(5):*:*:*:*:*:*:*
  • OR cpe:/o:cisco:ios:12.0(6):*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:4937
    V
    		Cisco Gigabit Switch Routers (GSR) Authentication Circumvention Vulnerability
    2008-09-08
    BACK
    cisco ios 11.2
    cisco ios 11.2(8)
    cisco ios 11.2(10)
    cisco ios 11.2p
    cisco ios 11.3
    cisco ios 11.3(1)
    cisco ios 12.0
    cisco ios 12.0(1)
    cisco ios 12.0(2)
    cisco ios 12.0(3)
    cisco ios 12.0(4)
    cisco ios 12.0(5)
    cisco ios 12.0(6)
    cisco ios 12.0(7)t
    cisco ios 12.1
    cisco gigabit switch router 12008 *
    cisco gigabit switch router 12012 *
    cisco gigabit switch router 12016 *
    cisco ios 12.0
    cisco ios 12.1
    cisco ios 11.2
    cisco ios 11.3
    cisco ios 11.2p
    cisco gigabit switch router 12008 *
    cisco gigabit switch router 12012 *
    cisco gigabit switch router 12016 *
    cisco ios 11.2(10)
    cisco ios 11.2(8)
    cisco ios 11.2(14)gs2
    cisco ios 11.2(15)g
    cisco ios 11.3(1)
    cisco ios 12.0(1)
    cisco ios 12.0(2)
    cisco ios 12.0(3)
    cisco ios 12.0(4)
    cisco ios 12.0(5)
    cisco ios 12.0(6)