CVE-2011-2581
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.
La implementación de ACL en Cisco NX-OS v5.0(2) y v5.0(3) antes de 5.0(3)N2(1) en los switches Nexus serie 5000 y NX-OS antes de 5.0(3)U1(2a) en los switches Nexus serie 3000, no maneja adecuadamente los comentarios en las declaraciones negadas, lo que permite a atacantes remotos evitar las restricciones de acceso previsto en circunstancias oportunas mediante el envío de paquetes. Se trata de un problema también conocido como Bug ID CSCto09813 y CSCtr61490.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-06-27 CVE Reserved
- 2011-09-08 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/45883 | Third Party Advisory | |
| http://www.securitytracker.com/id?1026019 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml | 2022-04-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(2\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5000 Search vendor "Cisco" for product "Nexus 5000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\)n1\(1\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)n1\(1\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5000 Search vendor "Cisco" for product "Nexus 5000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\)n1\(1a\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)n1\(1a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5000 Search vendor "Cisco" for product "Nexus 5000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\)n1\(1b\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)n1\(1b\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5000 Search vendor "Cisco" for product "Nexus 5000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5000 Search vendor "Cisco" for product "Nexus 5000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\)n1\(1c\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)n1\(1c\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 5000 Search vendor "Cisco" for product "Nexus 5000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | <= 5.0\(3\)u1\(2\) Search vendor "Cisco" for product "Nx-os" and version " <= 5.0\(3\)u1\(2\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\)u1\(1a\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)u1\(1a\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\)u1\(1b\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)u1\(1b\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Nx-os Search vendor "Cisco" for product "Nx-os" | 5.0\(3\)u1\(1d\) Search vendor "Cisco" for product "Nx-os" and version "5.0\(3\)u1\(1d\)" | - |
Affected
| in | Cisco Search vendor "Cisco" | Nexus 3000 Search vendor "Cisco" for product "Nexus 3000" | * | - |
Affected
|