Brocade BigIron RX switch ACL bypass vulnerability

2011-07-13T00:00:00
ID VU:853246
Type cert
Reporter CERT
Modified 2012-02-03T00:00:00

Description

Overview

Brocade BigIron RX switch devices are susceptible to an access control list (ACL) bypass vulnerability: packets sent with a source port of 179 are not subjected to the configured ACL rules.

Description

Brocade BigIron RX switch devices do not properly restrict packets sent with a source port of 179. Port 179 is commonly used for Border Gateway Protocol (BGP) communication. It has been reported that individual packets with a source port of 179 are allowed through, as well as full SSH and RDP sessions.
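Added example, not part of the CERT note or of Brocade's software: a small Python detector that scans flow-log lines for traffic matching the pattern the note describes, TCP traffic with source port 179 that does not look like a BGP session with a known peer (for example source port 179 reaching port 22 or 3389). Running this over logs collected from a separate firewall or network tap makes attempts to exploit the bypass visible while the patch is being rolled out. The log line format, the peer list and all addresses are constructed assumptions.

```python
from dataclasses import dataclass

BGP_PORT = 179
# Destination ports that a BGP speaker would never legitimately reach from source port 179.
ADMIN_PORTS = {22, 23, 3389}


@dataclass(frozen=True)
class Flow:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str


# Constructed sample flow log in an assumed "src_ip:port > dst_ip:port proto" form.
# 198.51.100.7 is the (assumed) legitimate BGP peer of 192.0.2.10.
SAMPLE_LOG = """\
198.51.100.7:179 > 192.0.2.10:179 tcp
192.0.2.10:42833 > 198.51.100.7:179 tcp
203.0.113.5:179 > 192.0.2.10:22 tcp
203.0.113.5:179 > 192.0.2.20:3389 tcp
203.0.113.9:51000 > 192.0.2.10:22 tcp
"""


def parse_flow(line: str) -> Flow:
    """Parse one constructed log line into a Flow record."""
    src, _, rest = line.partition(" > ")
    dst, _, proto = rest.partition(" ")
    src_ip, src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return Flow(src_ip, int(src_port), dst_ip, int(dst_port), proto.strip())


def parse_log(text: str) -> list[Flow]:
    return [parse_flow(line) for line in text.splitlines() if line.strip()]


def is_bypass_candidate(flow: Flow, bgp_peers: set[str]) -> bool:
    """True when a TCP flow uses source port 179 but is not plausibly BGP.

    Legitimate BGP traffic with source port 179 comes from a configured peer
    and goes either to port 179 or back to an ephemeral port; anything else
    (an unknown source, or a well-known/admin destination port) is flagged.
    """
    if flow.proto != "tcp" or flow.src_port != BGP_PORT:
        return False
    if flow.src_ip not in bgp_peers:
        return True
    if flow.dst_port == BGP_PORT:
        return False
    return flow.dst_port < 1024 or flow.dst_port in ADMIN_PORTS


def find_bypass_attempts(log_text: str, bgp_peers: set[str]) -> list[Flow]:
    """Return every flow in the log that matches the source-port-179 bypass pattern."""
    return [f for f in parse_log(log_text) if is_bypass_candidate(f, bgp_peers)]


if __name__ == "__main__":
    for hit in find_bypass_attempts(SAMPLE_LOG, {"198.51.100.7"}):
        print(f"ALERT source-port-179 to non-BGP service: "
              f"{hit.src_ip}:{hit.src_port} -> {hit.dst_ip}:{hit.dst_port}")
```

The peer allowlist matters: a real BGP speaker replying from port 179 to a peer's ephemeral port is normal, so the check only flags source port 179 from unknown hosts or toward service ports, which keeps the alert rate low on a production uplink.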


Impact

A remote unauthenticated attacker can bypass any ACL rule on a BigIron RX switch device.


Solution

Apply an Update

Brocade has created software defect 355173 for this issue. The following patch releases address this vulnerability: RX 2.8.00a, 2.7.03b, and 2.7.02l. Customers should contact Brocade support to download these updates.


Workaround

Do not depend on BigIron RX switch devices to provide restricted access to any network infrastructure. Use a separate trusted firewall device to restrict access.


Vendor Information

Vendor| Status| Date Notified| Date Updated
---|---|---|---
Brocade| | 06 Jun 2011| 25 Jul 2011

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | N/A | N/A

References

  • <http://www.brocade.com/products/all/switches/product-details/bigiron-rx-series/index.page>

Credit

Thanks to Bashar Ewaida for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

  • CVE IDs: CVE-2011-4884
  • Date Public: 13 Jul 2011
  • Date First Published: 13 Jul 2011
  • Date Last Updated: 03 Feb 2012
  • Severity Metric: 0.28
  • Document Revision: 24