CVE-2014-2146

Name of the Vulnerable Software and Affected Versions Cisco IOS versions prior to 15.4 Cisco IOS XE versions prior to 3.13

Description The issue concerns the Zone-Based Firewall functionality, which improperly handles zone checking for existing sessions. This allows remote attackers to bypass intended resource-access restrictions by sending spoofed traffic that matches one of these existing sessions.

Recommendations For Cisco IOS versions prior to 15.4, update to version 15.4 or later to resolve the issue. For Cisco IOS XE versions prior to 3.13, update to version 3.13 or later to resolve the issue.