CVE-2011-2581
Last modified
CVE-2011-2581 is a vulnerability of currently unknown severity. The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.. EPSS estimates a 1.99% chance of exploitation in the next 30 days.
Description
The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Nx-Os | 5.0\(2\) |
| Cisco | Nx-Os | 5.0\(3\)n1\(1\) |
| Cisco | Nx-Os | 5.0\(3\)n1\(1a\) |
| Cisco | Nx-Os | 5.0\(3\)n1\(1b\) |
| Cisco | Nx-Os | 5.0\(3\) |
| Cisco | Nx-Os | 5.0\(3\)n1\(1c\) |
| Cisco | Nexus 5000 | All versions |
| Cisco | Nx-Os | <= 5.0\(3\)u1\(2\) |
| Cisco | Nx-Os | 5.0\(3\)u1\(1a\) |
| Cisco | Nx-Os | 5.0\(3\)u1\(1b\) |
| Cisco | Nx-Os | 5.0\(3\)u1\(1d\) |
| Cisco | Nexus 3000 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-2581?
How severe is CVE-2011-2581?
How do I fix CVE-2011-2581?
Are you affected by CVE-2011-2581?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST