Title: Cisco IOS established Access List Keyword Vulnerability
Severity: HIGH
Description:
A vulnerability in certain versions of the Cisco IOS software running on Cisco 12000 series Gigabit Switch Routers may allow a remote attacker to bypass access-list restrictions.
The 'established' keyword in an extended access-list entry is meant to match only TCP segments with the ACK or RST bit set, that is, traffic belonging to a connection already initiated from the permitted side, and not the initial SYN of a new connection. Affected devices mishandle this keyword, so an entry carrying it permits TCP traffic that the configuration intends to block.
Specifically, this issue presents itself when an affected router is configured with an access-list entry such as the following:
access-list 101 permit tcp any any established
Affected devices ignore the 'established' keyword, so such an entry behaves like 'permit tcp any any' and forwards all TCP traffic, including inbound connection attempts, on the interface where the access list is applied.
Cisco 12000 series Gigabit Switch Routers running Cisco IOS software releases 11.2(14)GS2 through 11.2(15)GS3 are vulnerable to this issue.
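The following Python model, added here as an illustration and not code from Cisco or from this advisory, shows what the 'established' keyword is supposed to do and what changes when a device ignores it. It parses a constructed two-line access list (the 'permit ... established' entry above followed by an explicit 'deny tcp any any'), evaluates three constructed inbound TCP segments against it, and compares a device that honors the keyword with one that treats the entry as a plain 'permit tcp any any'. The ACL syntax handled is a deliberate subset (numbered extended list, TCP only, 'any any' endpoints); the addresses and the honor_established switch are assumptions for the demonstration.

```python
"""Model of how Cisco IOS evaluates the 'established' keyword in an
extended access list, and what changes when a device ignores it.

Added example, not Cisco's code or the advisory's. The ACL syntax handled
here is a deliberate subset (numbered extended ACL, tcp, 'any' endpoints,
optional 'established'); the packets and addresses are constructed.
"""
from dataclasses import dataclass

# TCP flag bits as they appear in the TCP header flags byte.
SYN = 0x02
RST = 0x04
ACK = 0x10


@dataclass(frozen=True)
class TcpPacket:
    src: str
    dst: str
    flags: int


@dataclass(frozen=True)
class AclEntry:
    action: str        # "permit" or "deny"
    established: bool  # True when the entry carries the 'established' keyword


def parse_acl(config_text):
    """Parse 'access-list <num> permit|deny tcp any any [established]' lines."""
    entries = []
    for line in config_text.splitlines():
        words = line.split()
        if not words or words[0] != "access-list":
            continue
        # words: access-list, number, action, protocol, src, dst, [established]
        if len(words) < 6 or words[3] != "tcp":
            raise ValueError("unsupported ACL entry: %s" % line)
        if words[4] != "any" or words[5] != "any":
            raise ValueError("only 'any any' endpoints are modelled: %s" % line)
        established = len(words) > 6 and words[6] == "established"
        entries.append(AclEntry(words[2], established))
    return entries


def matches_established(pkt):
    """IOS semantics: 'established' matches TCP segments with ACK or RST set."""
    return bool(pkt.flags & (ACK | RST))


def evaluate(entries, pkt, honor_established=True):
    """Return 'permit' or 'deny'. First match wins; implicit deny at the end.

    honor_established=False models the affected GSR releases, which ignore the
    keyword and treat the entry as a plain 'permit tcp any any'.
    """
    for e in entries:
        if e.established and honor_established and not matches_established(pkt):
            continue
        return e.action
    return "deny"


# Constructed config: allow only return traffic of connections started inside.
CONFIG = """
access-list 101 permit tcp any any established
access-list 101 deny tcp any any
"""

# Constructed inbound segments (addresses are documentation ranges).
INBOUND_SYN = TcpPacket("203.0.113.9", "192.0.2.10", SYN)           # new connection from outside
INBOUND_SYNACK = TcpPacket("203.0.113.9", "192.0.2.10", SYN | ACK)  # reply to an inside-initiated connection
INBOUND_ACK = TcpPacket("203.0.113.9", "192.0.2.10", ACK)           # mid-connection data/ack


def compare():
    """Evaluate the same inbound packets on a correct and on an affected device.

    Returns {name: (decision_when_honored, decision_when_ignored)}.
    """
    acl = parse_acl(CONFIG)
    results = {}
    for name, pkt in (("syn", INBOUND_SYN), ("synack", INBOUND_SYNACK), ("ack", INBOUND_ACK)):
        results[name] = (evaluate(acl, pkt, True), evaluate(acl, pkt, False))
    return results


if __name__ == "__main__":
    for name, (good, bad) in compare().items():
        print("%-7s correct=%s affected=%s" % (name, good, bad))
```

The only packet whose fate changes is the inbound SYN: a device that honors the keyword falls through to the explicit deny, while an affected device permits it, which is exactly the unauthorized connection attempt the advisory describes. Reply segments (SYN-ACK, ACK) are permitted in both cases, so normal traffic looks unaffected and the bug is easy to miss without testing an inbound SYN.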
Affected Products:
- Cisco IOS 11.2
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.