CVE-2013-6979

Name of the Vulnerable Software and Affected Versions Cisco IOS XE versions 03.02.xxSE through 03.03.xxSE

Description The issue arises from the VTY authentication implementation in Cisco IOS XE, which incorrectly relies on the Linux-IOS internal-network configuration. This allows remote attackers to bypass authentication if they have access to a 192.168.x.2 source IP address. The vulnerability is due to incomplete validations of the Linux-IOS Internal Network interface, enabling an unauthenticated, remote attacker to access an affected device without authentication and perform actions with the privileges configured for the vty line interface. The attacker must have their source address in the 192.168.x.2 subnet and have IP communication to the Cisco IOS XE device to exploit this vulnerability. It is likely that an attacker would need access to trusted, internal networks to communicate with the targeted device, limiting the likelihood of a successful exploit.

Recommendations For Cisco IOS XE versions 03.02.xxSE through 03.03.xxSE, update to a newer version that includes the fix for this issue, as confirmed by Cisco in their security notice. As a temporary workaround, consider restricting access to the vty line interface to minimize the risk of exploitation.