Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-20291

Published: 29/02/2024 Updated: 29/02/2024

Vulnerability Summary

A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote malicious user to send traffic that should be blocked through an affected device. This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the malicious user to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.

Github Repositories

https://github.com/BetterCzz/CVE-2024-20291-POC

CVE-2024-20291-POC exploit ---> RCE

CVE-2024-20291-POC Proof of Concept: CVE-2024-20291 is an access control list (ACL) programming vulnera

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvLhttps://nvd.nist.govhttps://github.com/BetterCzz/CVE-2024-20291-POC
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook