vulnerability

Cisco NX-OS: CVE-2024-20291: Cisco Nexus 3000 and 9000 Series Switches Port Channel ACL Programming Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Feb 28, 2024	Feb 29, 2024	Jul 16, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Feb 28, 2024

Added

Feb 29, 2024

Modified

Jul 16, 2024

Description

A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.

This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.

Solution

cisco-nx-update-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today