Cisco IOS XR Software Management Interface ACL Bypass Vulnerability

Vulnerability

A vulnerability exists in Cisco IOS XR Software's management interface access control list (ACL) processing. It allows an unauthenticated, remote attacker to bypass ACLs configured for SSH, NetConf, and gRPC features. This issue arises because management interface ACLs are not supported on Cisco IOS XR Software Packet I/O infrastructure platforms for Linux-handled features like SSH, NetConf, or gRPC. Exploitation involves sending traffic to an affected device, potentially allowing the attacker to bypass an ingress ACL on the management interface.

Impact

Exploitation of this vulnerability could lead to unauthorized access by allowing an attacker to bypass management interface ACLs, thereby gaining access to services like SSH, NetConf, or gRPC, depending on the platform and configuration.

Remediation

Cisco has released software updates that address this vulnerability. For platforms that cannot be upgraded, a workaround is available. Contact the Cisco Technical Assistance Center (TAC) to coordinate the implementation of this workaround.

Added: Sep 10, 2025, 4:37 PM
Updated: Sep 10, 2025, 4:37 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 7.0
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.