Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

CVE-2024-20316

A vulnerability in the data model interface (DMI) services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to access resources that should have been protected by a configured IPv4 access control list (ACL). This vulnerability is due to improper handling of error conditions when a successfully authorized device administrator updates an IPv4 ACL using the NETCONF or RESTCONF protocol, and the update would reorder access control entries (ACEs) in the updated ACL. An attacker could exploit this vulnerability by accessing resources that should have been protected across an affected device.

Severity: MEDIUM
CVSS: 5.8
CWE: CWE-390
KEV
Published
Modified

Related Products

| Product | Advisory | Evidence |
| --- | --- | --- |
| Cisco IOS | cisco-sa-dmi-acl-bypass-Xv8FO8Vz | Cisco OpenVuln |
| Cisco IOS XE Software | cisco-sa-dmi-acl-bypass-Xv8FO8Vz | Cisco OpenVuln |
| Cisco Catalyst 9600 Series Switches | cisco-sa-dmi-acl-bypass-Xv8FO8Vz | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9500 Series Switches | cisco-sa-dmi-acl-bypass-Xv8FO8Vz | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9400 Series Switches | cisco-sa-dmi-acl-bypass-Xv8FO8Vz | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9200 Series Switches | cisco-sa-dmi-acl-bypass-Xv8FO8Vz | Cisco OpenVuln · software-dependent |
| Cisco Catalyst 9300 Series Switches | cisco-sa-dmi-acl-bypass-Xv8FO8Vz | Cisco OpenVuln · software-dependent |