CVE-2023-20191 (ios_xr)

A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.

This vulnerability is due to incomplete support for this feature. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

There are workarounds that address this vulnerability.




This …

access access control acl attacker bypass cisco cisco ios cisco ios xr control cve device exploit feature ios list mpls send software support traffic unauthenticated vulnerability