Cisco IOS 15.4(1)t1: "Bypass a restriction or similar" Vulnerability
13 Jan. 2017
The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847.
A vulnerability in the Zone-Based Firewall feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass security rules and gain access to restricted resources.
The vulnerability is due to insufficient zone checking for traffic belonging to existing sessions by the affected software. An attacker could exploit this vulnerability to inject and pass spoofed traffic that matches existing connections on a targeted device. A successful exploit could allow the attacker to bypass security rules on the device and gain unauthorized access to resources, which could be leveraged to conduct further attacks.
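
The missing check described above, shown as a simplified model that is added here for illustration and is not Cisco's code: a session-table match on the 5-tuple alone, next to one that also requires the packet to arrive from the zone that session direction belongs to. The `ZoneFirewall` class, the zone names ("inside", "outside", "guest") and the addresses are assumptions made for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    in_zone: str  # zone of the interface the packet arrived on

def flow_of(p):
    return (p.src, p.sport, p.dst, p.dport, p.proto)

class ZoneFirewall:
    """Toy stateful firewall; check_zone=False models the flawed session match."""

    def __init__(self, allowed_pairs, check_zone):
        self.allowed_pairs = allowed_pairs  # permitted (source zone, destination zone)
        self.check_zone = check_zone
        self.sessions = {}  # 5-tuple -> zone that direction must arrive from

    def open_session(self, pkt, dst_zone):
        """Policy lookup for the first packet of a flow."""
        if (pkt.in_zone, dst_zone) not in self.allowed_pairs:
            return False
        self.sessions[flow_of(pkt)] = pkt.in_zone  # initiator direction
        reply = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        self.sessions[reply] = dst_zone  # return direction
        return True

    def accept_existing(self, pkt):
        """Session-table path for packets after the first."""
        expected_zone = self.sessions.get(flow_of(pkt))
        if expected_zone is None:
            return False  # no session: would need a fresh policy lookup
        if self.check_zone and pkt.in_zone != expected_zone:
            return False  # 5-tuple matches but the ingress zone is wrong
        return True

def demo(check_zone):
    # Constructed sample traffic (private and documentation addresses).
    fw = ZoneFirewall({("inside", "outside")}, check_zone)
    first = Packet("10.0.0.5", 40000, "198.51.100.10", 443, "tcp", "inside")
    fw.open_session(first, "outside")
    reply = Packet("198.51.100.10", 443, "10.0.0.5", 40000, "tcp", "outside")
    spoofed = Packet("198.51.100.10", 443, "10.0.0.5", 40000, "tcp", "guest")
    return fw.accept_existing(reply), fw.accept_existing(spoofed)

if __name__ == "__main__":
    print("zone not checked:", demo(False))
    print("zone checked:    ", demo(True))
```

Each result is a pair: whether the legitimate reply is accepted, then whether the same 5-tuple arriving from an unrelated zone is accepted.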