Hello everyone, An interesting question I got from one of my customers - how secure Cisco ASR management interface is? Meaning, how really *separate* it is.
Since after all, ASR CPU is connected to both the management interface and router forwarding matrix, hence providing at least theoretical path for data exfiltration. Now, I'm not talking about your friendly NSA, sending you especially crafted router nor one I've updated with the latest IOS downloaded from wehackyourbank.ru. Just plain ASR, running legitimate IOS image. Can a rogue employee configure a router in such a way, it will *forward* traffic between it regular and management interfaces? Maybe by dropping to routers' RP Linux shell and messing it up there? Is anybody ever heard of such attack or aware of CVE similar to the above? Your help will be highly appreciated, Thank you. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
