Boletines de Vulnerabilidades

Cisco Nexus 3000 and 9000 Series Switches Port Channel ACL Programming Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device. This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%203000%20and%209000%20Series%20Switches%20Port%20Channel%20ACL%20Programming%20Vulnerability&vs_k=1

Identificadores estándar
Propiedad Valor
CVE CVE-2024-20291.

Histórico de versiones
Versión Comentario Fecha

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT