Bypassing DCERPC-only ACL in Cisco ASA Software (Bug ID CSCuu67782)

Bypassing DCERPC-only ACL in Cisco ASA Software (Bug ID CSCuu67782)

CVE-2015-6423 · LOW Severity

AV:N/AC:M/AU:S/C:P/I:N/A:N

The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782.

Learn more about our Cis Benchmark Audit For Cisco.