5.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%
A vulnerability exists in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.
#TRUSTED 613f90b2d60333cac6e99a0ce1312bc10117aecc91fc27a964f448d32236c2ce7cdff1fe3a036629e3f7879d1a133f06497671f3c454d085b83bbe3a91663d58329cada338213bac476df29408139e22bd355fd512da58f7befe740260f4d58168e97dae9e9d10ebe0d8480634b95b73ce28dde8d1b9c446e46914c659c105e3503f134163f6e913e86db8a65c377f3a8ea761edf1814f03bf47577342e3426e67b91cf0e694171ee71c6d3c279ea704ed7fc412c4ad09a4337e3e9f779889231a88b04f644e66ce849f229b90e4925e55fcd0f384ce4de48c49f9c4405a7695955470aee3b5e94320b2a7d45e032c97e42f6743e7af83a19392d6dcbf7717fbaa2cab9205a3e9b70ed7ba26e50d927c598f8af5cc475f0f753a4a683f25deaadbf96646ce0b02cfd2669f0caec4cefe1576d83ccec79fe4b512cc07ec2c54b3fb2639aaafb0339b5ca40d7281da5f24e3578017c11180af7b50beb049fee17e7aa3be69c888dd55ba46e782ec5d3b11da86d6b15098e4cefb5e8538d3f57f9a9ba2ceceec7d757760de385334fd8cadc4837b6556512a8f1841156fccce88aad8ad8ae64048f3df3a012118b15d729b7ad6c53c3acee0f08645fcf357b445a831d7fbbc8c83e873149f83c9153e3a92cd2ab7129048278de68494297694e0d4c1b6518341688e43c1d38bceef8070eb8d7f2756d86c5651d3add5f930d715bb
#TRUST-RSA-SHA256 230f78aa72053daf320c90a8c175cec25b045a574004248aafedb10c7f2bf8ec1d3034a48c0c580ad10468c60ae15d261d48e40d10dd8533428f285ef7de1225814fbab0901383644e05ed90dadd53a7e491d6fd8a0015ca1fa6c61fe61e9110949a108ad8bbd5f6741ee1cee35639d20e0b93a570aca14e0db3a3f44d7f5025f3b71e76d55f457ad3caf06862d6f29078911789e15d1ed17cf8bf234c45d69abc26c43932f8f7e60c3cd219f82990945183bf0d59decf1c86b9104f45ec50fec432067aa2eec053444c634705431da0b38963befcdae174385a5c3e7d5797ccc1ee7b3b6a48f3e0a6d953e9b9f85e8aa856dcad6e547ba4a4b7f558747efbc7bd44fbba7881b7718e795d53f5efed4f812df691abdabad2056b189c0aa65993c4a792465b5977eb57846b646494aa7961e0551d0cbfe7d04531ba3fdfd7c3ef7690036712089b3914d5892d0310ae3a8949525d7d2d38aff0ceba8b5cbb8c9c504449f1f0b9de8484633889520c2c6857b34de455c8df4e8f3bacd3a95dec44563b48b207f5add335c7f27a6eabe58053ead7d9b653892943c14e6050c1c929954cb47aa778fdf1761910fb0e1b72fc9bad604775b79aefb69a259923936ed23792eb13614da5e8aabe6bb0be833ec9c50f8cd23be8bee230fc9ac9ac4aa13b40994d2103fd86c49a7e5b1d66cafc622eeca7209f168b92540251062dae2c61
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(192306);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/20");
script_cve_id("CVE-2024-20291");
script_xref(name:"IAVA", value:"2024-A-0119");
script_xref(name:"CISCO-BUG-ID", value:"CSCwf47127");
script_xref(name:"CISCO-SA", value:"cisco-sa-nxos-po-acl-TkyePgvL");
script_name(english:"Cisco Nexus 3000 and 9000 Series Switches Port Channel ACL Programming (cisco-sa-nxos-po-acl-TkyePgvL)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"A vulnerability exists in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000
and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that
should be blocked through an affected device.
Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
# https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-po-acl-TkyePgvL
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?f87df2e3");
# https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75059
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e327a04a");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwf47127");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwf47127");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-20291");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(284);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/02/28");
script_set_attribute(attribute:"patch_publication_date", value:"2024/02/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/20");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("cisco_nxos_version.nasl");
script_require_keys("Host/Cisco/NX-OS/Version", "Host/Cisco/NX-OS/Model", "Host/Cisco/NX-OS/Device");
exit(0);
}
include('cisco_workarounds.inc');
include('ccf.inc');
var product_info = cisco::get_product_info(name:'Cisco NX-OS Software');
var show_ver = get_kb_item('Host/Cisco/show_ver');
var smu_package;
if (('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])3[0-9]{2,3}") &&
('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])9[0-9]{2,3}"))
audit(AUDIT_HOST_NOT, 'affected');
if (!empty_or_null(show_ver))
{
foreach smu_package (['nxos.CSCwf47127-n9k_ALL-1.0.0-9.3.12.lib32_n9000'])
{
if (smu_package >< show_ver)
audit(AUDIT_HOST_NOT, 'affected');
}
}
var version_list = [
'9.3(10)',
'9.3(11)',
'9.3(12)'
];
var reporting = make_array(
'port' , 0,
'severity', SECURITY_WARNING,
'version' , product_info['version'],
'bug_id' , 'CSCwf47127'
);
var workarounds = make_list(CISCO_WORKAROUNDS['generic_workaround']);
var workaround_params = WORKAROUND_CONFIG['acl_ingress_config'];
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
workaround_params:workaround_params,
reporting:reporting,
vuln_versions:version_list
);
5.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
7.2 High
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
9.1%