Vulnerability Description
Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote attackers to bypass intended access restrictions by sending packets that should have been recognized by a filter, aka Bug ID CSCuy64806.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios | 12.2\(33\)sxj9 |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20MitigationVendor Advisory
- http://www.securityfocus.com/bid/93404
- http://www.securitytracker.com/id/1036954
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20MitigationVendor Advisory
- http://www.securityfocus.com/bid/93404
- http://www.securitytracker.com/id/1036954
FAQ
What is CVE-2016-6422?
CVE-2016-6422 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco IOS 12.2(33)SXJ9 on Supervisor Engine 32 and 720 modules for 6500 and 7600 devices mishandles certain operators, flags, and keywords in TCAM share ACLs, which allows remote attackers to bypass i...
How severe is CVE-2016-6422?
CVE-2016-6422 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6422?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios.