NVD

Id
31533  
Name
CVE-2014-3330  
Description
Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2014-08-11  
Modified Date
2017-01-06  
Seq
2014-3330  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
165288 31533 CVE-2014-3330 20140805 Cisco Nexus 9000 Series Switches Access List Bypass Vulnerability  View
165289 31533 CVE-2014-3330 http://tools.cisco.com/security/center/viewAlert.x?alertId=35181  View
165290 31533 CVE-2014-3330 69057  View
165291 31533 CVE-2014-3330 1030676  View
165292 31533 CVE-2014-3330 cisco-nexus-cve20143330-sec-bypass(95122)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14859 JVNDB-2014-003734 Nexus 9000 スイッチ上で稼動する Cisco NX-OS におけるアクセス制限を回避される脆弱性 Nexus 9000 スイッチ上で稼動する Cisco NX-OS は、ログに記録されたパケットに対して packet-drop ポリシーチェック処理をしないため、アクセス制限を回避される脆弱性が存在します。 CVE-2014-3330 70618 CVE-2014-3330 31533 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003734.html 2014-08-05 2014-08-13 View