PT-2010-1000 · Cisco · Cisco IOS

Published 2010-08-16 · Updated 2012-10-30 · CVE-2012-0338

CVSS v2.0

5.0 Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Cisco IOS versions 12.2 through 12.4 and 15.0

Description

The issue concerns the Cisco IOS operating system, which fails to recognize the vrf-also keyword during the execution of access-class commands. This allows a remote attacker to establish a network connection using the TELNET or SSH protocol from arbitrary source IP addresses.

Recommendations

For Cisco IOS versions 12.2 through 12.4, consider restricting access to the access-class command until a patch is available. For Cisco IOS version 15.0, restrict access to the access-class command until a patch is available. As a temporary workaround, consider disabling the use of the vrf-also keyword in access-class commands to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2014-00223
CVE-2012-0338

Affected Products

Cisco IOS