CVE-2011-4667

Name of the Vulnerable Software and Affected Versions Cisco IOS Software versions 15.2(1)T through 15.2(2)T Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module versions prior to 5.2(6) Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 versions 12.2(33)SXI and 12.2(33)SXJ

Description The encryption library in the affected software allows remote attackers to obtain unencrypted packets from encrypted sessions when IP Security (IPSec) is used, such as in VPN environments. This could enable an unauthenticated, remote attacker to access sensitive information on a targeted system. The vulnerability occurs because a portion of an encrypted packet can be sent unencrypted in the following packet. To exploit this vulnerability, an attacker must have access to a specific combination of hardware modules and encryption libraries in a targeted device, which may require access to internal, trusted networks. A successful exploit requires an attacker to have access to the encrypted packet stream, but the attacker cannot control which packets or what portion of the packet will be subject to this vulnerability.

Recommendations For Cisco IOS Software versions 15.2(1)T through 15.2(2)T, update to a fixed version of the software. For Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module versions prior to 5.2(6), update to version 5.2(6) or later. For Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 versions 12.2(33)SXI and 12.2(33)SXJ, update to a fixed version of the software. As a temporary workaround, consider restricting access to the encrypted packet stream to minimize the risk of exploitation.