CVE-2021-1591Improper Access Control in Cisco Nx-os Software

CWE-284Improper Access ControlCWE-287Improper Authentication4 documents4 sources
Severity
5.3MEDIUMNVD
CNA5.8
EPSS
0.3%
top 47.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Nx-os SoftwareCisco Nx-os
Timeline
PublishedAug 25
Latest updateMay 24

Description

A vulnerability in the EtherChannel port subscription logic of Cisco Nexus 9500 Series Switches could allow an unauthenticated, remote attacker to bypass access control list (ACL) rules that are configured on an affected device. This vulnerability is due to oversubscription of resources that occurs when applying ACLs to port channel interfaces. An attacker could exploit this vulnerability by attempting to access network resources that are protected by the ACL. A successful exploit could allow th

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDcisco/nx-os9.3\(4\)

Patches

Patch: tools.cisco.comPatch: tools.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-7mcq-4g86-cgx3: A vulnerability in the EtherChannel port subscription logic of Cisco Nexus 9500 Series Switches could allow an unauthenticated, remote attacker to byp2022-05-24
CVEList
Cisco Nexus 9500 Series Switches Access Control List Bypass Vulnerability2021-08-25

📋Vendor Advisories

1
Cisco
Cisco Nexus 9500 Series Switches Access Control List Bypass Vulnerability2021-08-25