Cisco: CISCO-SA-20120810-CVE-2012-1342
Aug 10, 2012 - 2:48 p.m.

Cisco Carrier Routing System Security Bypass Vulnerability

2012-08-10 14:48:04
tools.cisco.com

CVSS2: 5
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3: 5.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: LOW
Availability Impact: NONE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

EPSS: 0.001
Percentile: 48.7%

Cisco Carrier Routing System contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security protections and gain unauthorized network access.

The vulnerability is due to improper handling of IP version 4 (IPv4) fragments in the affected device. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious requests to the device. When processed, the requests could bypass access control entries (ACEs), allowing the attacker to send network requests to restricted network segments.

Cisco has confirmed this vulnerability and released software updates.

The vulnerability affects only systems that use ACLs to restrict access to specific network segments or hosts and only for noninitial IPv4 fragments. This vulnerability does not apply to nonfragments or to the initial fragment.
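
The three packet classes named above (nonfragment, initial fragment, noninitial fragment) are distinguished by the More Fragments flag and fragment-offset field of the IPv4 header. The sketch below is an added example, not code from the Cisco advisory; the function names and sample packets are constructed for illustration. It also shows the general IPv4 property that a noninitial fragment carries no TCP/UDP port fields, without making any claim about the internals of the CRS defect.

```python
import struct
from collections import Counter

def classify_ipv4(packet: bytes) -> str:
    """Return 'nonfragment', 'initial-fragment' or 'noninitial-fragment'."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (packet[0] & 0x0F) * 4              # header length in bytes
    if packet[0] >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a valid IPv4 header")
    (flags_frag,) = struct.unpack_from("!H", packet, 6)
    more_fragments = bool(flags_frag & 0x2000)  # MF bit
    offset_units = flags_frag & 0x1FFF          # offset in 8-byte units
    if offset_units:
        return "noninitial-fragment"
    return "initial-fragment" if more_fragments else "nonfragment"

def l4_ports(packet: bytes):
    """(src, dst) ports when this packet holds a TCP/UDP header, else None."""
    if classify_ipv4(packet) == "noninitial-fragment":
        return None  # payload resumes mid-datagram: no port fields here
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] not in (6, 17) or len(packet) < ihl + 4:
        return None
    return struct.unpack_from("!HH", packet, ihl)

def summarize(packets):
    """Count packets per class, e.g. to review a capture for fragments."""
    return Counter(classify_ipv4(p) for p in packets)

def make_packet(mf: bool, offset_units: int, payload: bytes, proto=17):
    """Build a constructed sample packet (checksum left at 0)."""
    flags_frag = (0x2000 if mf else 0) | offset_units
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                         0x1234, flags_frag, 64, proto, 0,
                         bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return header + payload

# Constructed samples using documentation address ranges.
UDP_HDR = struct.pack("!HHHH", 40000, 53, 24, 0)
SAMPLES = [
    make_packet(False, 0, UDP_HDR + b"A" * 16),  # nonfragment
    make_packet(True, 0, UDP_HDR + b"A" * 16),   # initial fragment
    make_packet(False, 3, b"B" * 16),            # noninitial (last) fragment
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(classify_ipv4(pkt), l4_ports(pkt))
```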

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vendor: cisco
Product: carrier_routing_system
Version: any
CPE: cpe:2.3:a:cisco:carrier_routing_system:any:*:*:*:*:*:*:*
