Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Nexus 3550-F Switches Access Control List Programming Vulnerability

cisco-sa-3550-acl-bypass-mhskZc2q · Medium · Published · Updated

A vulnerability in the access control list (ACL) programming of Cisco Nexus 3550-F Switches could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management interface of an affected device.  This vulnerability exists because ACL deny rules are not properly enforced at the time of device reboot. An attacker could exploit this vulnerability by attempting to send traffic to the management interface of an affected device. A successful exploit could allow the attacker to send traffic to the management interface of the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3550-acl-bypass-mhskZc2q

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2024-20371
Cisco Bug IDsCSCwi98129
CVSS ScoreBase 5.3
Base 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Nexus 3550 System Software

Related Products

Product CVE Evidence
Cisco Nexus 3550 System Software CVE-2024-20371 Cisco OpenVuln