Cisco Bug: CSCur24059 - Control Plane ACL Not Working for Redirected HTTP Traffic
Last Modified
Apr 16, 2020
Products (1)
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
9.0(4)
Description (partial)
Symptom: For HTTP traffic redirected by the 'aaa authentication listener http inside port (x) redirect' command, port (x) is not blocked when a control-plane ACL is applied.
Conditions:
access-list TEST extended deny tcp any any eq 900
access-list MATCH extended permit tcp any any eq www
!
access-group TEST in interface inside control-plane
!
aaa authentication match MATCH inside LOCAL
aaa authentication listener http inside port 900 redirect
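A configuration check for the conditions above, as an added example that is not Cisco's code: it flags every redirect listener port that a control-plane ACL on the same interface is written to deny, which is the combination this bug leaves unblocked. The function name and the regular expressions are assumptions of this sketch, and it only handles `deny tcp ... eq <port>` entries that end in the destination port.

```python
import re

# Constructed sample: the configuration from the Conditions field above.
SAMPLE_CONFIG = """\
access-list TEST extended deny tcp any any eq 900
access-list MATCH extended permit tcp any any eq www
!
access-group TEST in interface inside control-plane
!
aaa authentication match MATCH inside LOCAL
aaa authentication listener http inside port 900 redirect
"""

LISTENER = re.compile(r"^aaa authentication listener https? (\S+) port (\S+) redirect$")
CP_GROUP = re.compile(r"^access-group (\S+) in interface (\S+) control-plane$")
DENY_EQ = re.compile(r"^access-list (\S+) extended deny tcp .* eq (\S+)$")


def find_unenforced_denies(config):
    """Return (interface, port, acl) for each redirect listener port that the
    control-plane ACL bound to the same interface is written to deny."""
    listeners = []   # (interface, port) of each redirect listener
    cp_acls = {}     # interface -> name of its control-plane ACL
    denies = set()   # (acl name, destination port) of each deny entry
    for raw in config.splitlines():
        line = raw.strip()
        if m := LISTENER.match(line):
            listeners.append((m.group(1), m.group(2)))
        elif m := CP_GROUP.match(line):
            cp_acls[m.group(2)] = m.group(1)
        elif m := DENY_EQ.match(line):
            denies.add((m.group(1), m.group(2)))
    return [
        (iface, port, cp_acls[iface])
        for iface, port in listeners
        if iface in cp_acls and (cp_acls[iface], port) in denies
    ]


if __name__ == "__main__":
    for iface, port, acl in find_unenforced_denies(SAMPLE_CONFIG):
        print(f"{iface}: listener port {port} is denied by control-plane ACL "
              f"{acl}; verify the port is actually blocked on this release")
```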