← volver
CVE-2024-20291

CVE-2024-20291

CVSS 5.8 MEDIUMEPSS 0.9%CWE-284
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.8EPSS 0.9%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
28 feb 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device. This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →