IOS and IOS/700 contain a flaw that may allow a malicious user to establish unauthorized connections. The issue is triggered when an attacker exploits a flaw in IOS to bypass CHAP authentication. It is possible that the flaw may allow arbitrary PPP connections resulting in unauthorized network traffic.
Upgrade to version indicated by Cisco product matrix, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.