CVE-2014-3330Cisco Nx-os vulnerability

CWE-2645 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
0.1%
top 67.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Nx-os
Timeline
PublishedAug 11
Latest updateMay 17

Description

Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/nx-os6.1\(2\)i2\(1\)

🔴Vulnerability Details

2
GHSA
GHSA-6crj-4242-77vf: Cisco NX-OS 62022-05-17
CVEList
CVE-2014-3330: Cisco NX-OS 62014-08-11

📋Vendor Advisories

1
Cisco
Cisco Nexus 9000 Series Switches Access List Bypass Vulnerability2014-08-06
CVE-2014-3330 — Cisco Nx-os vulnerability | cvebase