Lucene search
HistoryJan 26, 2024 - 6:15 p.m.
CVE-2024-20263
cisco
business 250
business 350
switches
vulnerability
acl
management
remote attacker
bypass
nvd
cve-2024-20263
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.0%
A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. This vulnerability is due to incorrect processing of ACLs on a stacked configuration when either the primary or backup switches experience a full stack reload or power cycle. An attacker could exploit this vulnerability by sending crafted traffic through an affected device. A successful exploit could allow the attacker to bypass configured ACLs, causing traffic to be dropped or forwarded in an unexpected manner. The attacker does not have control over the conditions that result in the device being in the vulnerable state. Note: In the vulnerable state, the ACL would be correctly applied on the primary devices but could be incorrectly applied to the backup devices.
Affected configurations
Node
ciscocbs250-8t-dMatch-
ciscocbs250-8t-d_firmwareRange3.4–3.4.0.17
Node
ciscocbs250-8pp-dMatch-
ciscocbs250-8pp-d_firmwareRange3.4–3.4.0.17
Node
ciscocbs250-8t-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs250-8t-e-2gMatch-
Node
ciscocbs250-8pp-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs250-8pp-e-2gMatch-
Node
ciscocbs250-8p-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs250-8p-e-2gMatch-
Node
ciscocbs250-8fp-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs250-8fp-e-2gMatch-
Node
ciscocbs250-16t-2g_firmwareRange3.4–3.4.0.17
ciscocbs250-16t-2gMatch-
Node
ciscocbs250-16p-2g_firmwareRange3.4–3.4.0.17
ciscocbs250-16p-2gMatch-
Node
ciscocbs250-24t-4g_firmwareRange3.4–3.4.0.17
ciscocbs250-24t-4gMatch-
Node
ciscocbs250-24pp-4g_firmwareRange3.4–3.4.0.17
ciscocbs250-24pp-4gMatch-
Node
ciscocbs250-24p-4g_firmwareRange3.4–3.4.0.17
ciscocbs250-24p-4gMatch-
Node
ciscocbs250-24fp-4g_firmwareRange3.4–3.4.0.17
ciscocbs250-24fp-4gMatch-
Node
ciscocbs250-48t-4g_firmwareRange3.4–3.4.0.17
ciscocbs250-48t-4gMatch-
Node
ciscocbs250-48pp-4g_firmwareRange3.4–3.4.0.17
ciscocbs250-48pp-4gMatch-
Node
ciscocbs250-48p-4g_firmwareRange3.4–3.4.0.17
ciscocbs250-48p-4gMatch-
Node
ciscocbs250-24t-4x_firmwareRange3.4–3.4.0.17
ciscocbs250-24t-4xMatch-
Node
ciscocbs250-24p-4x_firmwareRange3.4–3.4.0.17
ciscocbs250-24p-4xMatch-
Node
ciscocbs250-24fp-4x_firmwareRange3.4–3.4.0.17
ciscocbs250-24fp-4xMatch-
Node
ciscocbs250-48t-4x_firmwareRange3.4–3.4.0.17
ciscocbs250-48t-4xMatch-
Node
ciscocbs250-48p-4x_firmwareRange3.4–3.4.0.17
ciscocbs250-48p-4xMatch-
Node
ciscocbs350-8t-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-8t-e-2gMatch-
Node
ciscocbs350-8p-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-8p-2gMatch-
Node
ciscocbs350-8p-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-8p-e-2gMatch-
Node
ciscocbs350-8fp-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-8fp-2gMatch-
Node
ciscocbs350-8fp-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-8fp-e-2gMatch-
Node
ciscocbs350-8s-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-8s-e-2gMatch-
Node
ciscocbs350-16t-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-16t-2gMatch-
Node
ciscocbs350-16t-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-16t-e-2gMatch-
Node
ciscocbs350-16p-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-16p-2gMatch-
Node
ciscocbs350-16p-e-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-16p-e-2gMatch-
Node
ciscocbs350-16fp-2g_firmwareRange3.4–3.4.0.17
ciscocbs350-16fp-2gMatch-
Node
ciscocbs350-24t-4g_firmwareRange3.4–3.4.0.17
ciscocbs350-24t-4gMatch-
Node
ciscocbs350-24p-4g_firmwareRange3.4–3.4.0.17
ciscocbs350-24p-4gMatch-
Node
ciscocbs350-24fp-4g_firmwareRange3.4–3.4.0.17
ciscocbs350-24fp-4gMatch-
Node
ciscocbs350-24s-4g_firmwareRange3.4–3.4.0.17
ciscocbs350-24s-4gMatch-
Node
ciscocbs350-48t-4g_firmwareRange3.4–3.4.0.17
ciscocbs350-48t-4gMatch-
Node
ciscocbs350-48p-4g_firmwareRange3.4–3.4.0.17
ciscocbs350-48p-4gMatch-
Node
ciscocbs350-48fp-4g_firmwareRange3.4–3.4.0.17
ciscocbs350-48fp-4gMatch-
Node
ciscocbs350-24t-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-24t-4xMatch-
Node
ciscocbs350-24p-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-24p-4xMatch-
Node
ciscocbs350-24fp-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-24fp-4xMatch-
Node
ciscocbs350-48t-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-48t-4xMatch-
Node
ciscocbs350-48p-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-48p-4xMatch-
Node
ciscocbs350-48fp-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-48fp-4xMatch-
Node
ciscocbs350-8mgp-2x_firmwareRange3.4–3.4.0.17
ciscocbs350-8mgp-2xMatch-
Node
ciscocbs350-8mp-2x_firmwareRange3.4–3.4.0.17
ciscocbs350-8mp-2xMatch-
Node
ciscocbs350-24mgp-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-24mgp-4xMatch-
Node
ciscocbs350-12np-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-12np-4xMatch-
Node
ciscocbs350-24ngp-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-24ngp-4xMatch-
Node
ciscocbs350-48ngp-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-48ngp-4xMatch-
Node
ciscocbs350-8xt_firmwareRange3.4–3.4.0.17
ciscocbs350-8xtMatch-
Node
ciscocbs350-12xs_firmwareRange3.4–3.4.0.17
ciscocbs350-12xsMatch-
Node
ciscocbs350-12xt_firmwareRange3.4–3.4.0.17
ciscocbs350-12xtMatch-
Node
ciscocbs350-16xts_firmwareRange3.4–3.4.0.17
ciscocbs350-16xtsMatch-
Node
ciscocbs350-24xs_firmwareRange3.4–3.4.0.17
ciscocbs350-24xsMatch-
Node
ciscocbs350-24xt_firmwareRange3.4–3.4.0.17
ciscocbs350-24xtMatch-
Node
ciscocbs350-24xts_firmwareRange3.4–3.4.0.17
ciscocbs350-24xtsMatch-
Node
ciscocbs350-48xt-4x_firmwareRange3.4–3.4.0.17
ciscocbs350-48xt-4xMatch-
Node
ciscocbs250-8t-d_firmwareRange2.5–2.5.9.54
ciscocbs250-8t-dMatch-
Node
ciscocbs250-8pp-d_firmwareRange2.5–2.5.9.54
ciscocbs250-8pp-dMatch-
Node
ciscocbs250-8t-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs250-8t-e-2gMatch-
Node
ciscocbs250-8pp-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs250-8pp-e-2gMatch-
Node
ciscocbs250-8p-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs250-8p-e-2gMatch-
Node
ciscocbs250-8fp-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs250-8fp-e-2gMatch-
Node
ciscocbs250-16t-2g_firmwareRange2.5–2.5.9.54
ciscocbs250-16t-2gMatch-
Node
ciscocbs250-16p-2g_firmwareRange2.5–2.5.9.54
ciscocbs250-16p-2gMatch-
Node
ciscocbs250-24t-4g_firmwareRange2.5–2.5.9.54
ciscocbs250-24t-4gMatch-
Node
ciscocbs250-24pp-4g_firmwareRange2.5–2.5.9.54
ciscocbs250-24pp-4gMatch-
Node
ciscocbs250-24p-4g_firmwareRange2.5–2.5.9.54
ciscocbs250-24p-4gMatch-
Node
ciscocbs250-24fp-4g_firmwareRange2.5–2.5.9.54
ciscocbs250-24fp-4gMatch-
Node
ciscocbs250-48t-4g_firmwareRange2.5–2.5.9.54
ciscocbs250-48t-4gMatch-
Node
ciscocbs250-48pp-4g_firmwareRange2.5–2.5.9.54
ciscocbs250-48pp-4gMatch-
Node
ciscocbs250-48p-4g_firmwareRange2.5–2.5.9.54
ciscocbs250-48p-4gMatch-
Node
ciscocbs250-24t-4x_firmwareRange2.5–2.5.9.54
ciscocbs250-24t-4xMatch-
Node
ciscocbs250-24p-4x_firmwareRange2.5–2.5.9.54
ciscocbs250-24p-4xMatch-
Node
ciscocbs250-24fp-4x_firmwareRange2.5–2.5.9.54
ciscocbs250-24fp-4xMatch-
Node
ciscocbs250-48t-4x_firmwareRange2.5–2.5.9.54
ciscocbs250-48t-4xMatch-
Node
ciscocbs250-48p-4x_firmwareRange2.5–2.5.9.54
ciscocbs250-48p-4xMatch-
Node
ciscocbs350-8t-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-8t-e-2gMatch-
Node
ciscocbs350-8p-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-8p-2gMatch-
Node
ciscocbs350-8p-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-8p-e-2gMatch-
Node
ciscocbs350-8fp-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-8fp-2gMatch-
Node
ciscocbs350-8fp-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-8fp-e-2gMatch-
Node
ciscocbs350-8s-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-8s-e-2gMatch-
Node
ciscocbs350-16t-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-16t-2gMatch-
Node
ciscocbs350-16t-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-16t-e-2gMatch-
Node
ciscocbs350-16p-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-16p-2gMatch-
Node
ciscocbs350-16p-e-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-16p-e-2gMatch-
Node
ciscocbs350-16fp-2g_firmwareRange2.5–2.5.9.54
ciscocbs350-16fp-2gMatch-
Node
ciscocbs350-24t-4g_firmwareRange2.5–2.5.9.54
ciscocbs350-24t-4gMatch-
Node
ciscocbs350-24p-4g_firmwareRange2.5–2.5.9.54
ciscocbs350-24p-4gMatch-
Node
ciscocbs350-24fp-4g_firmwareRange2.5–2.5.9.54
ciscocbs350-24fp-4gMatch-
Node
ciscocbs350-24s-4g_firmwareRange2.5–2.5.9.54
ciscocbs350-24s-4gMatch-
Node
ciscocbs350-48t-4g_firmwareRange2.5–2.5.9.54
ciscocbs350-48t-4gMatch-
Node
ciscocbs350-48p-4g_firmwareRange2.5–2.5.9.54
ciscocbs350-48p-4gMatch-
Node
ciscocbs350-48fp-4g_firmwareRange2.5–2.5.9.54
ciscocbs350-48fp-4gMatch-
Node
ciscocbs350-24t-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-24t-4xMatch-
Node
ciscocbs350-24p-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-24p-4xMatch-
Node
ciscocbs350-24fp-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-24fp-4xMatch-
Node
ciscocbs350-48t-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-48t-4xMatch-
Node
ciscocbs350-48p-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-48p-4xMatch-
Node
ciscocbs350-48fp-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-48fp-4xMatch-
Node
ciscocbs350-8mgp-2x_firmwareRange2.5–2.5.9.54
ciscocbs350-8mgp-2xMatch-
Node
ciscocbs350-8mp-2x_firmwareRange2.5–2.5.9.54
ciscocbs350-8mp-2xMatch-
Node
ciscocbs350-24mgp-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-24mgp-4xMatch-
Node
ciscocbs350-12np-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-12np-4xMatch-
Node
ciscocbs350-24ngp-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-24ngp-4xMatch-
Node
ciscocbs350-48ngp-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-48ngp-4xMatch-
Node
ciscocbs350-8xt_firmwareRange2.5–2.5.9.54
ciscocbs350-8xtMatch-
Node
ciscocbs350-12xs_firmwareRange2.5–2.5.9.54
ciscocbs350-12xsMatch-
Node
ciscocbs350-12xt_firmwareRange2.5–2.5.9.54
ciscocbs350-12xtMatch-
Node
ciscocbs350-16xts_firmwareRange2.5–2.5.9.54
ciscocbs350-16xtsMatch-
Node
ciscocbs350-24xs_firmwareRange2.5–2.5.9.54
ciscocbs350-24xsMatch-
Node
ciscocbs350-24xt_firmwareRange2.5–2.5.9.54
ciscocbs350-24xtMatch-
Node
ciscocbs350-24xts_firmwareRange2.5–2.5.9.54
ciscocbs350-24xtsMatch-
Node
ciscocbs350-48xt-4x_firmwareRange2.5–2.5.9.54
ciscocbs350-48xt-4xMatch-
Node
ciscosg350xg-2f10_firmwareRange2.5–2.5.9.54
ciscosg350xg-2f10Match-
Node
ciscosg350xg-24f_firmwareRange2.5–2.5.9.54
ciscosg350xg-24fMatch-
Node
ciscosg350xg-24t_firmwareRange2.5–2.5.9.54
ciscosg350xg-24tMatch-
Node
ciscosg350xg-48t_firmwareRange2.5–2.5.9.54
ciscosg350xg-48tMatch-
Node
ciscosg350x-24_firmwareRange2.5–2.5.9.54
ciscosg350x-24Match-
Node
ciscosg350x-24p_firmwareRange2.5–2.5.9.54
ciscosg350x-24pMatch-
Node
ciscosg350x-24mp_firmwareRange2.5–2.5.9.54
ciscosg350x-24mpMatch-
Node
ciscosg350x-48_firmwareRange2.5–2.5.9.54
ciscosg350x-48Match-
Node
ciscosg350x-48p_firmwareRange2.5–2.5.9.54
ciscosg350x-48pMatch-
Node
ciscosg350x-48mp_firmwareRange2.5–2.5.9.54
ciscosg350x-48mpMatch-
Node
ciscosg550xg-8f8t_firmwareRange2.5–2.5.9.54
ciscosg550xg-8f8tMatch-
Node
ciscosg550xg-24f_firmwareRange2.5–2.5.9.54
ciscosg550xg-24fMatch-
Node
ciscosg550xg-24t_firmwareRange2.5–2.5.9.54
ciscosg550xg-24tMatch-
Node
ciscosg550x-48t_firmwareRange2.5–2.5.9.54
ciscosg550x-48tMatch-
Node
ciscosg550x-24_firmwareRange2.5–2.5.9.54
ciscosg550x-24Match-
Node
ciscosg550x-24p_firmwareRange2.5–2.5.9.54
ciscosg550x-24pMatch-
Node
ciscosg550x-24mp_firmwareRange2.5–2.5.9.54
ciscosg550x-24mpMatch-
Node
ciscosg550x-24mpp_firmwareRange2.5–2.5.9.54
ciscosg550x-24mppMatch-
Node
ciscosg550x-48_firmwareRange2.5–2.5.9.54
ciscosg550x-48Match-
Node
ciscosg550x-48p_firmwareRange2.5–2.5.9.54
ciscosg550x-48pMatch-
Node
ciscosg550x-48mp_firmwareRange2.5–2.5.9.54
ciscosg550x-48mpMatch-
Node
ciscosf550x-24_firmwareRange2.5–2.5.9.54
ciscosf550x-24Match-
Node
ciscosf550x-24p_firmwareRange2.5–2.5.9.54
ciscosf550x-24pMatch-
Node
ciscosf550x-24mp_firmwareRange2.5–2.5.9.54
ciscosf550x-24mpMatch-
Node
ciscosf550x-48_firmwareRange2.5–2.5.9.54
ciscosf550x-48Match-
Node
ciscosf550x-48p_firmwareRange2.5–2.5.9.54
ciscosf550x-48pMatch-
Node
ciscosf550x-48mp_firmwareRange2.5–2.5.9.54
ciscosf550x-48mpMatch-
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:cbs250-8t-d_firmware | cisco cbs250-8t-d firmware | lt | 3.4.0.17 |
CNA Affected
[
{
"vendor": "Cisco",
"product": "Cisco Small Business Smart and Managed Switches",
"versions": [
{
"version": "2.0.0.73",
"status": "affected"
},
{
"version": "2.1.0.63",
"status": "affected"
},
{
"version": "2.2.0.63",
"status": "affected"
},
{
"version": "2.2.0.66",
"status": "affected"
},
{
"version": "2.2.5.68",
"status": "affected"
},
{
"version": "2.2.7.07",
"status": "affected"
},
{
"version": "2.2.8.04",
"status": "affected"
},
{
"version": "2.3.0.130",
"status": "affected"
},
{
"version": "2.3.5.63",
"status": "affected"
},
{
"version": "2.4.0.91",
"status": "affected"
},
{
"version": "2.4.0.94",
"status": "affected"
},
{
"version": "2.4.5.71",
"status": "affected"
},
{
"version": "2.5.0.78",
"status": "affected"
},
{
"version": "2.5.0.79",
"status": "affected"
},
{
"version": "2.5.0.82",
"status": "affected"
},
{
"version": "2.5.0.83",
"status": "affected"
},
{
"version": "2.5.0.89",
"status": "affected"
},
{
"version": "2.5.0.90",
"status": "affected"
},
{
"version": "2.5.0.92",
"status": "affected"
},
{
"version": "2.5.5.47",
"status": "affected"
},
{
"version": "2.5.7.85",
"status": "affected"
},
{
"version": "2.5.8.12",
"status": "affected"
},
{
"version": "2.5.8.15",
"status": "affected"
},
{
"version": "2.5.9.13",
"status": "affected"
},
{
"version": "2.5.9.15",
"status": "affected"
},
{
"version": "2.5.9.16",
"status": "affected"
},
{
"version": "3.0.0.61",
"status": "affected"
},
{
"version": "3.0.0.69",
"status": "affected"
},
{
"version": "3.1.0.57",
"status": "affected"
},
{
"version": "3.1.1.7",
"status": "affected"
},
{
"version": "3.2.0.84",
"status": "affected"
},
{
"version": "3.2.0.89",
"status": "affected"
},
{
"version": "3.2.1.1",
"status": "affected"
},
{
"version": "3.3.0.16",
"status": "affected"
}
]
}
]Related
nessus
nessus
cisco
cisco
Cisco Small Business Series Switches Stacked Reload ACL Bypass Vulnerability
2024-01-24 16:00:00
nvd
nvd
CVE-2024-20263
2024-01-26 18:15:11
prion
prion
Design/Logic Flaw
2024-01-26 18:15:00
cvelist
cvelist
CVE-2024-20263
2024-01-26 17:27:08
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
27.0%
Related for CVE-2024-20263