Cisco NX-OS Bypass Security Controls Vulnerability
Last Update Date:
7 May 2014 11:21
Release Date:
7 May 2014
3606
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
A vulnerability was identified in Cisco NX-OS Nexus 1000V. A remote user can bypass access controls in certain cases.
A remote user can can send IGMPv2 and IGMPv3 traffic to bypass 'deny' statements in access control lists (ACLs). IGMPv1 processing is not affected.
Impact
- Security Restriction Bypass
System / Technologies affected
- Nexus 1000V
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0685
Vulnerability Identifier
Source
Related Link
Share with