Security Bypass Vulnerability in Cisco ASR 9000 Devices
CVE-2015-0694

Currently unrated

Key Information:

Vendor: Cisco
Status: Ios Xr; Asr 9001; Asr 9006; Asr 9010
Vendor: CVE Published:; 11 April 2015

Summary

The vulnerability in Cisco ASR 9000 devices stems from the failure to enforce single-host constraints on certain ACL (Access Control List) entries. This oversight allows remote attackers to circumvent intended access restrictions, potentially gaining unauthorized access to network resources that should normally be protected. Specifically, an attacker can exploit this weakness by using an address that would otherwise be disallowed, thereby compromising the security model originally intended. This issue is linked to Bug ID CSCur28806, which highlights the importance of proper ACL configuration in network devices.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1032059

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Apr 11, 2015
Vulnerability Reserved
Jan 7, 2015