← Back

CVE-2011-2581

nvd nist
Published: Sep 14, 2011Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.

Affected (12)

Cisco
3 products
Nx Os
Nexus 5000
Nexus 3000
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Version 5.0(2)
Nx Os
Version 5.0(3)n1(1)
Nx Os
Version 5.0(3)n1(1a)
Nx Os
Version 5.0(3)n1(1b)
Nx Os
Version 5.0(3)
Nx Os
Version 5.0(3)n1(1c)
Nexus 5000
All versions
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Nx Os
Up to 5.0\(3\)u1\(2\)
Nx Os
Version 5.0(3)u1(1a)
Nx Os
Version 5.0(3)u1(1b)
Nx Os
Version 5.0(3)u1(1d)
Nexus 3000
All versions

Related CWEs

CWE-264
CWE-264

References (6)

Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.