CVE-2011-2581 - OpenCVE

The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Nexus 3000 Nexus 5000 Nx-os

Configuration 1 [-]

AND

OR	cpe:2.3:a:cisco:nx-os:5.0\(2\):::::::*
	cpe:2.3:a:cisco:nx-os:5.0\(3\)n1\(1\):::::::*
	cpe:2.3:a:cisco:nx-os:5.0\(3\)n1\(1a\):::::::*
	cpe:2.3:a:cisco:nx-os:5.0\(3\)n1\(1b\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\)n1\(1c\):::::::*

cpe:2.3:h:cisco:nexus_5000:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:cisco:nx-os::::::::
	cpe:2.3:o:cisco:nx-os:5.0\(3\)u1\(1a\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\)u1\(1b\):::::::*
	cpe:2.3:o:cisco:nx-os:5.0\(3\)u1\(1d\):::::::*

cpe:2.3:h:cisco:nexus_3000:*:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/45883
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml	Vendor Advisory
http://www.securitytracker.com/id?1026019

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2011-09-14T15:00:00

Updated: 2011-10-06T09:00:00

Reserved: 2011-06-27T00:00:00

Link: CVE-2011-2581

JSON object: View

NVD Information

Status : Modified

Published: 2011-09-14T16:05:23.603

Modified: 2022-04-05T15:52:44.640

Link: CVE-2011-2581

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-09-07T00:00:00", "descriptions": [{"lang": "en", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-10-06T09:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1026019", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45883"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2011-2581", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1026019", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1026019"}, {"name": "20110907 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"name": "45883", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45883"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2011-2581", "datePublished": "2011-09-14T15:00:00", "dateReserved": "2011-06-27T00:00:00", "dateUpdated": "2011-10-06T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "464FDB26-D6B4-41A4-83F4-8C7D21F3AC51", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "BD01F15F-2465-4998-A6F7-AD9D4B3468AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "3709E352-CEEC-402A-BEF8-3E5A5646DA6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:nx-os:5.0\\(3\\)n1\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "023C7483-94B7-47AC-AB57-978A57D85148", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "16131960-37FE-4154-A82C-E3249B066DC4", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)n1\\(1c\\):*:*:*:*:*:*:*", "matchCriteriaId": "B4B91092-DE54-4591-9C0F-A22A04AB71E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_5000:*:*:*:*:*:*:*:*", "matchCriteriaId": "FFB04F2B-04E2-4EB1-83BA-4F7537AF1099", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BD515AB-ECE5-480F-AA30-172CF4161834", "versionEndIncluding": "5.0\\(3\\)u1\\(2\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "F8C124BA-D5FC-422A-B3F4-AC1A41B7EEE3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1b\\):*:*:*:*:*:*:*", "matchCriteriaId": "F358E8D0-624B-412A-8726-B8AF96156317", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:nx-os:5.0\\(3\\)u1\\(1d\\):*:*:*:*:*:*:*", "matchCriteriaId": "17A4CE07-64FF-4C5C-81FF-A2388818CF7F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:nexus_3000:*:*:*:*:*:*:*:*", "matchCriteriaId": "61F9825B-DD64-4E38-9AE0-F87C210ADD9D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490."}, {"lang": "es", "value": "La implementaci\u00f3n de ACL en Cisco NX-OS v5.0(2) y v5.0(3) antes de 5.0(3)N2(1) en los switches Nexus serie 5000 y NX-OS antes de 5.0(3)U1(2a) en los switches Nexus serie 3000, no maneja adecuadamente los comentarios en las declaraciones negadas, lo que permite a atacantes remotos evitar las restricciones de acceso previsto en circunstancias oportunas mediante el env\u00edo de paquetes. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCto09813 y CSCtr61490."}], "id": "CVE-2011-2581", "lastModified": "2022-04-05T15:52:44.640", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-09-14T16:05:23.603", "references": [{"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/45883"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9250c.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1026019"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}