Vulnslist


Cisco Aggregation Services Router 9000 (ASR9K) Security Bypass Vulnerability

Cisco-SA-20150409-CVE-2015-0694 · Severity: Medium

A vulnerability in the Object-ACL matching process of Cisco Aggregation Services Router 9000 (ASR9K) could allow an unauthenticated, remote attacker to bypass the protection offered by a configured access control list (ACL) on an affected device. The vulnerability is due to ASR9K incorrectly handling host access control entries: an entry written with a host value matches any address instead of only the specified host address. An attacker could exploit this vulnerability to bypass the access control list, leading to traffic loss or unwanted permits. Cisco has confirmed the vulnerability and released software updates. The impact of an exploit depends on the ACLs in use on the affected system. Attackers who could bypass the configured ACLs could gain access to restricted network resources, possibly resulting in access to critical systems. Systems are not affected if no ACLs are configured or if the configured ACLs do not use host values. Specialized exploit code is not required to exploit the vulnerability.

Workarounds

Administrators are advised to apply the appropriate updates.

Administrators are advised to replace each host value in configured ACLs with the equivalent ip/32 prefix value.

Administrators are advised to monitor affected systems.
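The ip/32 workaround above, as an added example that is not from Vulnslist or Cisco: a small Python audit that scans an IOS XR style IPv4 ACL configuration for the `host` entries this advisory concerns and produces the rewritten `A.B.C.D/32` form. The configuration text is constructed for illustration; the IOS XR syntax assumed is `ipv4 access-list NAME` followed by numbered access control entries, and only IPv4 `host` values are handled.

```python
import re
import ipaddress

# Constructed sample IOS XR ACL configuration (illustrative, not from the advisory).
SAMPLE_CONFIG = """\
ipv4 access-list MGMT-IN
 10 permit tcp host 192.0.2.10 any eq 22
 20 permit tcp 198.51.100.0/24 host 192.0.2.1 eq 443
 30 deny ipv4 any any
!
ipv4 access-list TRANSIT
 10 permit ipv4 203.0.113.0/24 any
!
"""

# Matches the 'host A.B.C.D' form of an access control entry operand.
HOST_RE = re.compile(r'\bhost\s+(\d{1,3}(?:\.\d{1,3}){3})\b')


def find_host_entries(config):
    """Return (acl_name, entry) pairs for every ACE that relies on a host value.

    These are the entries the advisory says are matched as 'any' on affected
    ASR9K software, so each one is a candidate for the ip/32 workaround.
    """
    findings = []
    acl = None
    for line in config.splitlines():
        m = re.match(r'ipv4 access-list (\S+)', line)
        if m:
            acl = m.group(1)
            continue
        if acl and HOST_RE.search(line):
            findings.append((acl, line.strip()))
    return findings


def rewrite_host_entries(config):
    """Rewrite every 'host A.B.C.D' operand as 'A.B.C.D/32', leaving other text as-is."""
    def repl(m):
        addr = ipaddress.IPv4Address(m.group(1))  # validates the dotted quad
        return f"{addr}/32"
    return HOST_RE.sub(repl, config)


if __name__ == "__main__":
    for acl, entry in find_host_entries(SAMPLE_CONFIG):
        print(f"{acl}: {entry}")
    print(rewrite_host_entries(SAMPLE_CONFIG))
```

The rewritten text is meant for review before it is applied; it does not change sequence numbers, protocols or ports, only the host operands.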

CVEs: CVE-2015-0694
Cisco Bug IDs: NA
CVSS Score: Base 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:OF/RC:C)
Product Names From Source: Cisco ASR 9000 Series Aggregation Services Routers