CVE-2016-6422

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2(33)SXJ9

Description The issue is related to the improper handling of certain operators, flags, and keywords in TCAM share ACLs, allowing remote attackers to bypass intended access restrictions. This is due to the improper implementation of PACL logic for ACEs that include a greater than operator, a less than operator, a tcp flag, the established keyword, or the range keyword. An attacker could exploit this by sending packets that meet one or more filter criteria through an affected device, potentially bypassing the filters defined in the PACL for a targeted system.

Recommendations For Cisco IOS version 12.2(33)SXJ9, update to a newer version that addresses this issue, as software updates have been released by Cisco. As a temporary workaround, consider restricting access to the vulnerable TCAM share ACL functionality until a patch is applied. Additionally, applying the available workarounds could help mitigate this issue.