{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-09-07T00:00:00", "descriptions": [{"lang": "en", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-10-06T09:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1026019", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45883"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2011-2581", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1026019", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45883"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:08:23.145Z"}, "title": "CVE Program Container", "references": [{"name": "1026019", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45883"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2011-2581", "datePublished": "2011-09-14T15:00:00", "dateReserved": "2011-06-27T00:00:00", "dateUpdated": "2024-08-06T23:08:23.145Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "464FDB26-D6B4-41A4-83F4-8C7D21F3AC51", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "BD01F15F-2465-4998-A6F7-AD9D4B3468AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "3709E352-CEEC-402A-BEF8-3E5A5646DA6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "023C7483-94B7-47AC-AB57-978A57D85148", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "16131960-37FE-4154-A82C-E3249B066DC4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n1\\(1c\\):*:*:*:*:*:*:*", "matchCriteriaId": "B4B91092-DE54-4591-9C0F-A22A04AB71E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5000:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFB04F2B-04E2-4EB1-83BA-4F7537AF1099", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BD515AB-ECE5-480F-AA30-172CF4161834", "versionEndIncluding": "5.0\\(3\\)u1\\(2\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "F358E8D0-624B-412A-8726-B8AF96156317", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*", "matchCriteriaId": "17A4CE07-64FF-4C5C-81FF-A2388818CF7F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3000:*:*:*:*:*:*:*:*", "matchCriteriaId": "61F9825B-DD64-4E38-9AE0-F87C210ADD9D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}, {"lang": "es", "value": "La implementaci\u00f3n de ACL en Cisco NX-OS v5.0(2) y v5.0(3) antes de 5.0(3)N2(1) en los switches Nexus serie 5000 y NX-OS antes de 5.0(3)U1(2a) en los switches Nexus serie 3000, no maneja adecuadamente los comentarios en las declaraciones negadas, lo que permite a atacantes remotos evitar las restricciones de acceso previsto en circunstancias oportunas mediante el env\u00edo de paquetes. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCto09813 y CSCtr61490."}], "id": "CVE-2011-2581", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-09-14T16:05:23.603", "references": [{"source": "psirt@cisco.com", "url": "http://secunia.com/advisories/45883"}, {"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id?1026019"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/45883"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026019"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}