Vulnerability Bulletins

Cisco IOS XR Software Compression ACL Bypass Vulnerability

System information

Affected software Cisco


A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that

More info:

Standar resources

Property Value
CVE CVE-2023-20190.

Version history

Version Comments Date
1.0 Advisory issued 2023-09-14
Ministerio de Defensa