CVE-2021-1228Improper Access Control in Cisco Nx-os System Software IN ACI Mode 11.0

CWE-284Improper Access ControlCWE-158Improper Neutralization of Null Byte or NUL Character5 documents5 sources
Severity
6.5MEDIUMNVD
CNA7.4
EPSS
0.1%
top 75.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Nx-os System Software IN ACI Mode 11.0Cisco Nx-os
Timeline
PublishedFeb 24
Latest updateApr 10

Description

A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass security validations and connect an unauthorized server to the infrastructure VLAN. This vulnerability is due to insufficient security requirements during the Link Layer Discovery Protocol (LLDP) setup phase of the infrastructure VLAN. An attacker could exploit this vulner

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDcisco/nx-os162 versions+161

🔴Vulnerability Details

2
GHSA
GHSA-mjqq-xhvr-c2mf: A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastru2022-05-24
CVEList
Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability2021-02-24

📋Vendor Advisories

2
Red Hat
kernel: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()2024-04-10
Cisco
Cisco Nexus 9000 Series Fabric Switches ACI Mode Fabric Infrastructure VLAN Unauthorized Access Vulnerability2021-02-24
CVE-2021-1228 — Improper Access Control in Cisco | cvebase