Zone-Based Firewall Bypass Vulnerability in Cisco IOS and IOS XE

Zone-Based Firewall Bypass Vulnerability in Cisco IOS and IOS XE

CVE-2014-2146 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847.

Learn more about our Cis Benchmark Audit For Apple Ios.