← back
CVE-2012-0384

CVE-2012-0384

EPSS 3.9%
Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS before 3.1.2S, 3.2.xS through 3.4.xS before 3.4.2S, 3.5.xS before 3.5.1S, and 3.1.xSG and 3.2.xSG before 3.2.2SG, when AAA authorization is enabled, allow remote authenticated users to bypass intended access restrictions and execute commands via a (1) HTTP or (2) HTTPS session, aka Bug ID CSCtr91106.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/80704http://secunia.com/advisories/48614http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-paihttp://www.securityfocus.com/bid/52755http://www.securitytracker.com/id?1026860