CVE-2011-2581 - OpenCVE

The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Nexus 3000 Nexus 5000 Nx-os

Configuration 1 [-]

AND

OR	cpe:2.3:a:cisco:nx-os:5.0\(2\):::::::*
	cpe:2.3:a:cisco:nx-os:5.0\(3\)n1\(1\):::::::*
	cpe:2.3:a:cisco:nx-os:5.0\(3\)n1\(1a\):::::::*
	cpe:2.3:a:cisco:nx-os:5.0\(3\)n1\(1b\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\)n1\(1c\):::::::*

cpe:2.3:h:cisco:nexus_5000:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os:5.0\(3\)u1\(1a\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\)u1\(1b\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\)u1\(1d\):::::::*

cpe:2.3:h:cisco:nexus_3000:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/45883
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml
http://www.securitytracker.com/id?1026019

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2011-09-14T15:00:00

Updated: 2024-08-06T23:08:23.145Z

Reserved: 2011-06-27T00:00:00

Link: CVE-2011-2581

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-09-14T16:05:23.603

Modified: 2022-04-05T15:52:44.640

Link: CVE-2011-2581

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-09-07T00:00:00", "descriptions": [{"lang": "en", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-10-06T09:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1026019", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45883"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2011-2581", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1026019", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45883"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:08:23.145Z"}, "title": "CVE Program Container", "references": [{"name": "1026019", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45883"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2011-2581", "datePublished": "2011-09-14T15:00:00", "dateReserved": "2011-06-27T00:00:00", "dateUpdated": "2024-08-06T23:08:23.145Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "464FDB26-D6B4-41A4-83F4-8C7D21F3AC51", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "BD01F15F-2465-4998-A6F7-AD9D4B3468AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "3709E352-CEEC-402A-BEF8-3E5A5646DA6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "023C7483-94B7-47AC-AB57-978A57D85148", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "16131960-37FE-4154-A82C-E3249B066DC4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n1\\(1c\\):*:*:*:*:*:*:*", "matchCriteriaId": "B4B91092-DE54-4591-9C0F-A22A04AB71E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5000:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFB04F2B-04E2-4EB1-83BA-4F7537AF1099", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BD515AB-ECE5-480F-AA30-172CF4161834", "versionEndIncluding": "5.0\\(3\\)u1\\(2\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "F358E8D0-624B-412A-8726-B8AF96156317", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*", "matchCriteriaId": "17A4CE07-64FF-4C5C-81FF-A2388818CF7F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3000:*:*:*:*:*:*:*:*", "matchCriteriaId": "61F9825B-DD64-4E38-9AE0-F87C210ADD9D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}, {"lang": "es", "value": "La implementaci\u00f3n de ACL en Cisco NX-OS v5.0(2) y v5.0(3) antes de 5.0(3)N2(1) en los switches Nexus serie 5000 y NX-OS antes de 5.0(3)U1(2a) en los switches Nexus serie 3000, no maneja adecuadamente los comentarios en las declaraciones negadas, lo que permite a atacantes remotos evitar las restricciones de acceso previsto en circunstancias oportunas mediante el env\u00edo de paquetes. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCto09813 y CSCtr61490."}], "id": "CVE-2011-2581", "lastModified": "2022-04-05T15:52:44.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-09-14T16:05:23.603", "references": [{"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/45883"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1026019"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}