Cisco IOS XR Software Compression ACL Bypass (cisco-sa-comp3acl-vGmp6BQ3)

medium Nessus Plugin ID 185165

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, Cisco IOS XR is affected by a vulnerability.

- A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting.
There are workarounds that address this vulnerability. This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication. (CVE-2023-20190)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwe08950.

See Also

http://www.nessus.org/u?c94a1e6b

http://www.nessus.org/u?6a0abd7f

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe08950

Plugin Details

Severity: Medium

ID: 185165

File Name: cisco-sa-comp3acl-vGmp6BQ3-iosxr.nasl

Version: 1.1

Type: combined

Family: CISCO

Published: 11/7/2023

Updated: 11/8/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2023-20190

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xr

Required KB Items: Host/Cisco/IOS-XR/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/13/2023

Vulnerability Publication Date: 9/13/2023

Reference Information

CVE: CVE-2023-20190

CISCO-SA: cisco-sa-comp3acl-vGmp6BQ3

CISCO-BUG-ID: CSCwe08950