Packet-drop policy bypass vulnerability in Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches

Packet-drop policy bypass vulnerability in Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches

CVE-2014-3330 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Cisco NX-OS 6.1(2)I2(1) on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489.

Learn more about our Web Application Penetration Testing UK.