ACL Bypass Vulnerability in Cisco ASR 9000 Devices (Bug ID CSCur28806)

ACL Bypass Vulnerability in Cisco ASR 9000 Devices (Bug ID CSCur28806)

CVE-2015-0694 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.

Learn more about our Network Penetration Testing.