Improper Compression in Cisco IOS XR on ASR 9000 Devices Allows ACL Bypass (Bug ID CSCup30133)

Improper Compression in Cisco IOS XR on ASR 9000 Devices Allows ACL Bypass (Bug ID CSCup30133)

CVE-2014-3396 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.

Learn more about our Cis Benchmark Audit For Apple Ios.