CVE-2016-6422

Published on: 10/06/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:11 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Certain versions of Ios from Cisco contain the following vulnerability:

Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote attackers to bypass intended access restrictions by sending packets that should have been recognized by a filter, aka Bug ID CSCuy64806.

  • CVE-2016-6422 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH NONE NONE

CVSS2 Score: 4.3 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
Cisco IOS Lets Remote Users Bypass Port Access Controls on the Target System - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1036954
Cisco Catalyst 6500 Series Switches and 7600 Series Routers Information Disclosure Vulnerability cve.report (archive)
text/html
URL Logo BID 93404
Cisco IOS Software for Cisco Catalyst 6500 Series Switches and 7600 Series Routers ACL Bypass Vulnerability Mitigation
Vendor Advisory
tools.cisco.com
text/html
URL Logo CISCO 20161005 Cisco IOS Software for Cisco Catalyst 6500 Series Switches and 7600 Series Routers ACL Bypass Vulnerability

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
CiscoIos12.2\(33\)sxj9AllAllAll
Operating
System
CiscoIos12.2\(33\)sxj9AllAllAll
  • cpe:2.3:o:cisco:ios:12.2\(33\)sxj9:*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:ios:12.2\(33\)sxj9:*:*:*:*:*:*:*: