Cisco IOS XR Software Access Control List Bypass Vulnerability

Vulnerability

A vulnerability in the egress-direction access control list (ACL) processing of Cisco IOS XR Software allows an unauthenticated, remote attacker to bypass a configured egress ACL. The issue arises because certain packets are handled incorrectly when they are received on an ingress interface of one line card and forwarded out of an egress interface on a different line card that has the ACL applied. Because the trigger is ordinary cross-line-card forwarding, no access to the device is needed: the attacker only has to send traffic that enters on one line card and exits on another.

Impact

Exploitation allows traffic that the egress ACL was configured to drop to be forwarded anyway, so hosts and services reached through the affected egress interface lose the filtering the ACL was meant to provide. Any control that relies solely on an egress ACL on a multi-line-card chassis should be treated as unreliable until the device is upgraded.

Reproduction

The condition can be reproduced by applying an egress ACL to an interface on one line card and then sending traffic that enters the device on an ingress interface of a different line card and is forwarded out of the ACL-protected interface. For the affected packets, the egress ACL is not applied and the traffic is forwarded as if no filter were configured. The advisory only states that "certain packets" are affected, so a test that sends one traffic type and observes it being dropped does not prove that other traffic types are filtered.

Remediation

Cisco has released software updates to address this vulnerability. For 8000 Series Modular Platforms, users should upgrade to a fixed release as identified by Cisco. NCS 5500 Modular Platforms can upgrade to release 7.11.21 or later. For platform- and release-specific upgrade guidance, consult the Cisco IOS XR Software Security Advisory Bundled Publication. Fixed releases differ by platform and release train, so do not assume that a release newer than 7.11.21 on a different train is fixed without checking the advisory.
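The Reproduction and Remediation sections describe where exposure exists: an egress ACL on one line card, reachable by traffic entering on another. The following script is an added example for this entry, not Cisco code and not a workaround from the advisory. It parses an IOS XR running configuration, records every `ipv4`/`ipv6 access-group ... egress` binding, derives the line card from the rack/slot portion of the interface name, and reports egress ACLs that sit on a chassis where at least one other line card also carries physical interfaces. The configuration sample is constructed, and the interface naming assumption (rack/slot/instance/port) is stated in the comments.

```python
"""
Inventory egress ACL bindings in an IOS XR configuration and flag those that
can be reached from a different line card (the condition this entry describes).
Added example for this entry; not Cisco code and not an advisory workaround.
The configuration below is constructed, not captured from a real device.
"""
import re
from collections import defaultdict

# Constructed sample in IOS XR running-config syntax. Assumption: physical
# interface names end in rack/slot/instance/port, so "0/1" and "0/2" are
# two different line cards in rack 0.
SAMPLE_CONFIG = """\
interface HundredGigE0/1/0/0
 description to-core
 ipv4 address 192.0.2.1 255.255.255.252
!
interface HundredGigE0/2/0/3
 description to-customer
 ipv4 address 198.51.100.1 255.255.255.0
 ipv4 access-group CUSTOMER-OUT egress
!
interface HundredGigE0/2/0/4
 ipv4 access-group MGMT-IN ingress
 ipv4 access-group MGMT-OUT egress
!
interface Loopback0
 ipv4 address 203.0.113.1 255.255.255.255
!
"""

INTF_RE = re.compile(r"^interface (\S+)")
ACL_RE = re.compile(r"^\s+(ipv4|ipv6) access-group (\S+) (ingress|egress)")
# rack/slot/instance/port suffix of a physical interface name
RSIP_RE = re.compile(r"(\d+)/(\d+)/(\d+)/(\d+)$")


def line_card(interface):
    """Return 'rack/slot' for a physical interface, or None for virtual ones."""
    m = RSIP_RE.search(interface)
    return f"{m.group(1)}/{m.group(2)}" if m else None


def parse_acl_bindings(config):
    """Map interface name -> list of (afi, acl_name, direction) bindings."""
    bindings = defaultdict(list)
    current = None
    for line in config.splitlines():
        m = INTF_RE.match(line)
        if m:
            current = m.group(1)
            bindings[current]  # register the interface even with no ACLs
            continue
        if line.strip() == "!":
            current = None  # end of the interface stanza
            continue
        m = ACL_RE.match(line)
        if m and current:
            bindings[current].append((m.group(1), m.group(2), m.group(3)))
    return dict(bindings)


def cross_card_egress_exposure(config):
    """
    Return egress ACL bindings on a line card while another line card also
    has physical interfaces, i.e. traffic can enter on one card and exit on
    the card holding the egress ACL. Ingress bindings are not reported.
    """
    bindings = parse_acl_bindings(config)
    cards = {lc for lc in map(line_card, bindings) if lc}
    findings = []
    for intf, acls in bindings.items():
        lc = line_card(intf)
        if lc is None:
            continue
        other_cards = sorted(cards - {lc})
        for afi, acl, direction in acls:
            if direction == "egress" and other_cards:
                findings.append({"interface": intf, "line_card": lc,
                                 "afi": afi, "acl": acl,
                                 "ingress_cards": other_cards})
    return findings


if __name__ == "__main__":
    for f in cross_card_egress_exposure(SAMPLE_CONFIG):
        print(f"{f['interface']} (LC {f['line_card']}): {f['afi']} ACL "
              f"{f['acl']} egress, reachable from LC "
              f"{', '.join(f['ingress_cards'])}")
```

Run it against `show running-config` output from each chassis to scope which egress filters to re-verify after the upgrade. A chassis with a single line card produces no findings, but a clean result is a scoping aid only: the advisory says "certain packets" are affected, so it does not prove that a given ACL is enforced.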

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 0.6
exploitability: 7.3
remediation: 7.7
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these eight vulnerability categories, which are then combined to calculate the overall risk score.