vulnerability

Cisco IOS: CVE-2016-6422: Cisco IOS Software for Cisco Catalyst 6500 Series Switches and 7600 Series Routers ACL Bypass Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	Oct 6, 2016	Oct 20, 2016	Oct 30, 2017

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

Oct 6, 2016

Added

Oct 20, 2016

Modified

Oct 30, 2017

Description

Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote attackers to bypass intended access restrictions by sending packets that should have been recognized by a filter, aka Bug ID CSCuy64806.

Solution

cisco-ios-upgrade-latest

References

BID-93404
CVE-2016-6422
https://attackerkb.com/topics/CVE-2016-6422
URL-http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-catalyst

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today