Vulnerability Name: CVE-2011-2581 (CCN-69639)
Assigned: 2011-09-07
Published: 2011-09-07
Updated: 2022-04-05
Summary: The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.
CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
  3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
  3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-264
Vulnerability Consequences: Bypass Security
References:
  Source: MITRE Type: CNA CVE-2011-2581
  Source: CCN Type: SA45883 Cisco Nexus Series Switches ACL Deny Statement Security Bypass Security Issue
  Source: SECUNIA Type: UNKNOWN 45883
  Source: CCN Type: cisco-sa-20110907-nexus Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability
  Source: CISCO Type: Vendor Advisory 20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability
  Source: CCN Type: OSVDB ID: 75246 Cisco Nexus Series Switches ACL Deny Statement Security Bypass
  Source: CCN Type: BID-49490 Cisco Nexus 5000 and 3000 Series Switches ACL Security Bypass Vulnerability
  Source: SECTRACK Type: UNKNOWN 1026019
  Source: XF Type: UNKNOWN cisco-nxos-acl-security-bypass(69639)
Vulnerable Configuration: Configuration 1: Configuration 2: Configuration CCN 1: