Vulnerability Bulletins

Cisco IOS XR Software Access Control List Bypass Vulnerability

System information

Affected software Cisco


A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incomplete support for this feature. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. Cisco has released software updates

More info:

Standar resources

Property Value
CVE CVE-2023-20191.

Version history

Version Comments Date
1.0 Advisory issued 2023-09-14
Ministerio de Defensa