Published: 06/10/2016 Updated: 30/07/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote malicious users to bypass intended access restrictions by sending packets that should have been recognized by a filter, aka Bug ID CSCuy64806.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 12.2\\(33\\)sxj9

A vulnerability in the ternary content addressable memory (TCAM) share access control list (ACL) functionality of Cisco IOS Software running on Supervisor Engine 720 and Supervisor Engine 32 Modules for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers could allow an unauthenticated, remote attacker to bypass access control entries ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-catalyst http://www.securityfocus.com/bid/93404 http://www.securitytracker.com/id/1036954 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-catalyst

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-6422

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect