Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-DMI-ACL-BYPASS-XV8FO8VZ
HistoryMar 27, 2024 - 4:00 p.m.

Cisco IOS XE Software NETCONF/RESTCONF IPv4 Access Control List Bypass Vulnerability

2024-03-2716:00:00
tools.cisco.com
11
cisco
ios xe
dmi
ipv4
acl
bypass
vulnerability
netconf
restconf
remote
update
aces
security advisory
software
advisory bundled publication

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A vulnerability in the data model interface (DMI) services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list (ACL).

This vulnerability is due to improper handling of error conditions when a successfully authorized device administrator updates an IPv4 ACL using the NETCONF or RESTCONF protocol, and the update would reorder access control entries (ACEs) in the updated ACL. An attacker could exploit this vulnerability by accessing resources that should have been protected across an affected device.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dmi-acl-bypass-Xv8FO8Vz [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dmi-acl-bypass-Xv8FO8Vz”]

This advisory is part of the March 2024 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2024 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication [“https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75056”].

Affected configurations

Vulners
Node
ciscorvs4000_softwareMatch16.3
OR
ciscorvs4000_softwareMatch16.4
OR
ciscorvs4000_softwareMatch16.5
OR
ciscorvs4000_softwareMatch16.6
OR
ciscorvs4000_softwareMatch16.7
OR
ciscorvs4000_softwareMatch16.8
OR
ciscorvs4000_softwareMatch16.9
OR
ciscorvs4000_softwareMatch16.10
OR
ciscorvs4000_softwareMatch16.11
OR
ciscorvs4000_softwareMatch16.12
OR
ciscorvs4000_softwareMatch17.1
OR
ciscorvs4000_softwareMatch17.2
OR
ciscorvs4000_softwareMatch17.3
OR
ciscorvs4000_softwareMatch17.4
OR
ciscorvs4000_softwareMatch17.5
OR
ciscorvs4000_softwareMatch17.6
OR
ciscorvs4000_softwareMatch17.7
OR
ciscorvs4000_softwareMatch17.10
OR
ciscorvs4000_softwareMatch17.8
OR
ciscorvs4000_softwareMatch17.9
OR
ciscorvs4000_softwareMatch17.11
OR
ciscorvs4000_softwareMatch17.12
OR
ciscorvs4000_softwareMatch17.11sw
OR
ciscorvs4000_softwareMatch16.3.1
OR
ciscorvs4000_softwareMatch16.3.2
OR
ciscorvs4000_softwareMatch16.3.3
OR
ciscorvs4000_softwareMatch16.3.1a
OR
ciscorvs4000_softwareMatch16.3.4
OR
ciscorvs4000_softwareMatch16.3.5
OR
ciscorvs4000_softwareMatch16.3.5b
OR
ciscorvs4000_softwareMatch16.3.6
OR
ciscorvs4000_softwareMatch16.3.7
OR
ciscorvs4000_softwareMatch16.3.8
OR
ciscorvs4000_softwareMatch16.3.9
OR
ciscorvs4000_softwareMatch16.3.10
OR
ciscorvs4000_softwareMatch16.3.11
OR
ciscorvs4000_softwareMatch16.4.1
OR
ciscorvs4000_softwareMatch16.4.2
OR
ciscorvs4000_softwareMatch16.4.3
OR
ciscorvs4000_softwareMatch16.5.1
OR
ciscorvs4000_softwareMatch16.5.1a
OR
ciscorvs4000_softwareMatch16.5.1b
OR
ciscorvs4000_softwareMatch16.5.2
OR
ciscorvs4000_softwareMatch16.5.3
OR
ciscorvs4000_softwareMatch16.6.1
OR
ciscorvs4000_softwareMatch16.6.2
OR
ciscorvs4000_softwareMatch16.6.3
OR
ciscorvs4000_softwareMatch16.6.4
OR
ciscorvs4000_softwareMatch16.6.5
OR
ciscorvs4000_softwareMatch16.6.4s
OR
ciscorvs4000_softwareMatch16.6.4a
OR
ciscorvs4000_softwareMatch16.6.5a
OR
ciscorvs4000_softwareMatch16.6.6
OR
ciscorvs4000_softwareMatch16.6.5b
OR
ciscorvs4000_softwareMatch16.6.7
OR
ciscorvs4000_softwareMatch16.6.7a
OR
ciscorvs4000_softwareMatch16.6.8
OR
ciscorvs4000_softwareMatch16.6.9
OR
ciscorvs4000_softwareMatch16.6.10
OR
ciscorvs4000_softwareMatch16.7.1
OR
ciscorvs4000_softwareMatch16.7.2
OR
ciscorvs4000_softwareMatch16.7.3
OR
ciscorvs4000_softwareMatch16.8.1
OR
ciscorvs4000_softwareMatch16.8.1a
OR
ciscorvs4000_softwareMatch16.8.1b
OR
ciscorvs4000_softwareMatch16.8.1s
OR
ciscorvs4000_softwareMatch16.8.1c
OR
ciscorvs4000_softwareMatch16.8.2
OR
ciscorvs4000_softwareMatch16.8.3
OR
ciscorvs4000_softwareMatch16.9.1
OR
ciscorvs4000_softwareMatch16.9.2
OR
ciscorvs4000_softwareMatch16.9.1a
OR
ciscorvs4000_softwareMatch16.9.1b
OR
ciscorvs4000_softwareMatch16.9.1s
OR
ciscorvs4000_softwareMatch16.9.1c
OR
ciscorvs4000_softwareMatch16.9.1d
OR
ciscorvs4000_softwareMatch16.9.3
OR
ciscorvs4000_softwareMatch16.9.2a
OR
ciscorvs4000_softwareMatch16.9.2s
OR
ciscorvs4000_softwareMatch16.9.3h
OR
ciscorvs4000_softwareMatch16.9.4
OR
ciscorvs4000_softwareMatch16.9.3s
OR
ciscorvs4000_softwareMatch16.9.3a
OR
ciscorvs4000_softwareMatch16.9.4c
OR
ciscorvs4000_softwareMatch16.9.5
OR
ciscorvs4000_softwareMatch16.9.5f
OR
ciscorvs4000_softwareMatch16.9.6
OR
ciscorvs4000_softwareMatch16.9.7
OR
ciscorvs4000_softwareMatch16.9.8
OR
ciscorvs4000_softwareMatch16.9.8a
OR
ciscorvs4000_softwareMatch16.9.8b
OR
ciscorvs4000_softwareMatch16.10.1
OR
ciscorvs4000_softwareMatch16.10.1a
OR
ciscorvs4000_softwareMatch16.10.1b
OR
ciscorvs4000_softwareMatch16.10.1s
OR
ciscorvs4000_softwareMatch16.10.1e
OR
ciscorvs4000_softwareMatch16.10.2
OR
ciscorvs4000_softwareMatch16.10.3
OR
ciscorvs4000_softwareMatch16.11.1
OR
ciscorvs4000_softwareMatch16.11.1a
OR
ciscorvs4000_softwareMatch16.11.1b
OR
ciscorvs4000_softwareMatch16.11.2
OR
ciscorvs4000_softwareMatch16.11.1s
OR
ciscorvs4000_softwareMatch16.11.1c
OR
ciscorvs4000_softwareMatch16.12.1
OR
ciscorvs4000_softwareMatch16.12.1s
OR
ciscorvs4000_softwareMatch16.12.1a
OR
ciscorvs4000_softwareMatch16.12.1c
OR
ciscorvs4000_softwareMatch16.12.2
OR
ciscorvs4000_softwareMatch16.12.2a
OR
ciscorvs4000_softwareMatch16.12.3
OR
ciscorvs4000_softwareMatch16.12.8
OR
ciscorvs4000_softwareMatch16.12.2s
OR
ciscorvs4000_softwareMatch16.12.1t
OR
ciscorvs4000_softwareMatch16.12.2t
OR
ciscorvs4000_softwareMatch16.12.4
OR
ciscorvs4000_softwareMatch16.12.3s
OR
ciscorvs4000_softwareMatch16.12.3a
OR
ciscorvs4000_softwareMatch16.12.4a
OR
ciscorvs4000_softwareMatch16.12.5
OR
ciscorvs4000_softwareMatch16.12.6
OR
ciscorvs4000_softwareMatch16.12.5a
OR
ciscorvs4000_softwareMatch16.12.5b
OR
ciscorvs4000_softwareMatch16.12.6a
OR
ciscorvs4000_softwareMatch16.12.7
OR
ciscorvs4000_softwareMatch16.12.9
OR
ciscorvs4000_softwareMatch16.12.10
OR
ciscorvs4000_softwareMatch16.12.10a
OR
ciscorvs4000_softwareMatch16.12.11
OR
ciscorvs4000_softwareMatch17.1.1
OR
ciscorvs4000_softwareMatch17.1.1a
OR
ciscorvs4000_softwareMatch17.1.1s
OR
ciscorvs4000_softwareMatch17.1.2
OR
ciscorvs4000_softwareMatch17.1.1t
OR
ciscorvs4000_softwareMatch17.1.3
OR
ciscorvs4000_softwareMatch17.2.1
OR
ciscorvs4000_softwareMatch17.2.1r
OR
ciscorvs4000_softwareMatch17.2.1a
OR
ciscorvs4000_softwareMatch17.2.1v
OR
ciscorvs4000_softwareMatch17.2.2
OR
ciscorvs4000_softwareMatch17.2.3
OR
ciscorvs4000_softwareMatch17.3.1
OR
ciscorvs4000_softwareMatch17.3.2
OR
ciscorvs4000_softwareMatch17.3.3
OR
ciscorvs4000_softwareMatch17.3.1a
OR
ciscorvs4000_softwareMatch17.3.2a
OR
ciscorvs4000_softwareMatch17.3.3a
OR
ciscorvs4000_softwareMatch17.3.4
OR
ciscorvs4000_softwareMatch17.3.5
OR
ciscorvs4000_softwareMatch17.3.4a
OR
ciscorvs4000_softwareMatch17.3.6
OR
ciscorvs4000_softwareMatch17.3.4b
OR
ciscorvs4000_softwareMatch17.3.4c
OR
ciscorvs4000_softwareMatch17.3.5a
OR
ciscorvs4000_softwareMatch17.3.5b
OR
ciscorvs4000_softwareMatch17.3.7
OR
ciscorvs4000_softwareMatch17.3.8
OR
ciscorvs4000_softwareMatch17.3.8a
OR
ciscorvs4000_softwareMatch17.4.1
OR
ciscorvs4000_softwareMatch17.4.2
OR
ciscorvs4000_softwareMatch17.4.1a
OR
ciscorvs4000_softwareMatch17.4.1b
OR
ciscorvs4000_softwareMatch17.4.1c
OR
ciscorvs4000_softwareMatch17.4.2a
OR
ciscorvs4000_softwareMatch17.5.1
OR
ciscorvs4000_softwareMatch17.5.1a
OR
ciscorvs4000_softwareMatch17.5.1b
OR
ciscorvs4000_softwareMatch17.5.1c
OR
ciscorvs4000_softwareMatch17.6.1
OR
ciscorvs4000_softwareMatch17.6.2
OR
ciscorvs4000_softwareMatch17.6.1a
OR
ciscorvs4000_softwareMatch17.6.3
OR
ciscorvs4000_softwareMatch17.6.3a
OR
ciscorvs4000_softwareMatch17.6.4
OR
ciscorvs4000_softwareMatch17.6.5
OR
ciscorvs4000_softwareMatch17.6.6
OR
ciscorvs4000_softwareMatch17.6.6a
OR
ciscorvs4000_softwareMatch17.6.5a
OR
ciscorvs4000_softwareMatch17.7.1
OR
ciscorvs4000_softwareMatch17.7.1a
OR
ciscorvs4000_softwareMatch17.7.1b
OR
ciscorvs4000_softwareMatch17.7.2
OR
ciscorvs4000_softwareMatch17.10.1
OR
ciscorvs4000_softwareMatch17.10.1a
OR
ciscorvs4000_softwareMatch17.10.1b
OR
ciscorvs4000_softwareMatch17.8.1
OR
ciscorvs4000_softwareMatch17.8.1a
OR
ciscorvs4000_softwareMatch17.9.1
OR
ciscorvs4000_softwareMatch17.9.2
OR
ciscorvs4000_softwareMatch17.9.1a
OR
ciscorvs4000_softwareMatch17.9.3
OR
ciscorvs4000_softwareMatch17.9.2a
OR
ciscorvs4000_softwareMatch17.9.3a
OR
ciscorvs4000_softwareMatch17.9.4
OR
ciscorvs4000_softwareMatch17.9.4a
OR
ciscorvs4000_softwareMatch17.11.1
OR
ciscorvs4000_softwareMatch17.11.1a
OR
ciscorvs4000_softwareMatch17.12.1
OR
ciscorvs4000_softwareMatch17.12.1a
OR
ciscorvs4000_softwareMatch17.12.2
OR
ciscorvs4000_softwareMatch17.12.2a
OR
ciscorvs4000_softwareMatch17.11.99sw

Related

nvd 1
nessus 1
cve 1
vulnrichment 1
cvelist 1
nvd
nvd
CVE-2024-20316
2024-03-27 17:15:53
nessus
nessus
Cisco IOS XE Software NETCONF/RESTCONF IPv4 Access Control List Bypass (cisco-sa-dmi-acl-bypass-Xv8FO8Vz)
2024-03-28 00:00:00
cve
cve
CVE-2024-20316
2024-03-27 17:15:53
vulnrichment
vulnrichment
CVE-2024-20316
2024-03-27 16:49:03
cvelist
cvelist
CVE-2024-20316
2024-03-27 16:49:03

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for CISCO-SA-DMI-ACL-BYPASS-XV8FO8VZ
nvd1nessus1cve1vulnrichment1cvelist1