Access Control List Bypass in Cisco Nexus 1000V for VMware
CVE-2014-0685

Currently unrated

Key Information:

Vendor: Cisco
Status: Cisco Nexus 1000v Intercloud
Vendor: CVE Published:; 7 May 2014

Summary

The Cisco Nexus 1000V InterCloud for VMware has a vulnerability that allows remote attackers to bypass Access Control List (ACL) deny statements. This can be exploited using specially crafted IGMPv2 or IGMPv3 packets, leading to unauthorized access to network resources. Affected versions before 5.2(1)IC1(1.2) are particularly at risk. This vulnerability highlights the importance of updating network devices and managing ACLs effectively to protect against potential breaches.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 7, 2014
Vulnerability Reserved
Jan 2, 2014