Cisco IOS contains a vulnerability whereby a remote, unauthenticated attacker could bypass configured encryption policies on a vulnerable IOS device. This could allow an attacker to gain access to sensitive information.
Cisco IOS 15.1M: 15.1(4)M, 15.1(4)M0a, 15.1(4)M0b, 15.1(4)M1, 15.1(4)M10, 15.1(4)M2, 15.1(4)M3, 15.1(4)M3a, 15.1(4)M4, 15.1(4)M5, 15.1(4)M6, 15.1(4)M7, and 15.1(4)M8
No Exploit Available
Cisco IOS contains a vulnerability in the default policies that let GDOI (Group Domain of Interpretation) traffic travel in the clear (unencrypted) so that GET VPN group members can communicate with VPN key servers. Traffic over UDP port 848 will bypass encryption.
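One way to audit flow records for the behaviour described above, as an added example that is not from Cisco or BeyondTrust: it flags UDP port 848 flows that are not between a known group member and a key server. The flow export format, the addresses, and the key-server and group-member lists are constructed assumptions.

```python
import csv
import io
from ipaddress import ip_address

GDOI_PORT = 848  # UDP port the advisory says bypasses encryption

# Constructed sample flow export (src,sport,dst,dport,proto,bytes); not real data.
SAMPLE_FLOWS = """\
10.0.1.10,848,10.0.0.5,848,udp,1420
10.0.2.20,848,10.0.0.5,848,udp,1388
10.0.1.10,848,10.0.2.20,848,udp,912004
198.51.100.7,40211,10.0.0.5,848,udp,260
10.0.1.10,51515,10.0.2.20,443,tcp,88211
10.0.1.10,500,10.0.0.5,500,udp,700
"""

def parse_flows(text):
    """Yield flow dicts from the constructed CSV format above."""
    fields = ["src", "sport", "dst", "dport", "proto", "bytes"]
    for row in csv.DictReader(io.StringIO(text), fieldnames=fields):
        yield {
            "src": ip_address(row["src"]), "dst": ip_address(row["dst"]),
            "sport": int(row["sport"]), "dport": int(row["dport"]),
            "proto": row["proto"].lower(), "bytes": int(row["bytes"]),
        }

def audit_gdoi_flows(text, key_servers, group_members):
    """Return (flow, reason) for UDP/848 flows that are not GM <-> key server."""
    ks = {ip_address(a) for a in key_servers}  # assumed inventory of key servers
    gm = {ip_address(a) for a in group_members}  # assumed inventory of group members
    findings = []
    for f in parse_flows(text):
        if f["proto"] != "udp" or GDOI_PORT not in (f["sport"], f["dport"]):
            continue  # not covered by the clear-text GDOI policy
        ends = {f["src"], f["dst"]}
        if not ends & ks:
            findings.append((f, "no key server endpoint"))
        elif not (ends - ks).issubset(gm):
            findings.append((f, "peer is not a known group member"))
    return findings

if __name__ == "__main__":
    hits = audit_gdoi_flows(SAMPLE_FLOWS, ["10.0.0.5"], ["10.0.1.10", "10.0.2.20"])
    for flow, reason in hits:
        print(f'{flow["src"]}:{flow["sport"]} -> {flow["dst"]}:{flow["dport"]} '
              f'{flow["bytes"]} bytes: {reason}')
```

Flows between two key servers are not flagged, since both endpoints are in the key-server inventory.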
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect this vulnerability.
- 19765 - Cisco IOS GET VPN Encryption Policy Bypass (Zero-Day) - SNMP
No reasonable mitigations are available currently.