CVE-2024-20263 (GCVE-0-2024-20263)
Vulnerability from cvelistv5
Published: 2024-01-26 17:27
Modified: 2024-11-13 14:55
CWE
- CWE-284 - Improper Access Control
Summary
A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. This vulnerability is due to incorrect processing of ACLs on a stacked configuration when either the primary or backup switches experience a full stack reload or power cycle. An attacker could exploit this vulnerability by sending crafted traffic through an affected device. A successful exploit could allow the attacker to bypass configured ACLs, causing traffic to be dropped or forwarded in an unexpected manner. The attacker does not have control over the conditions that result in the device being in the vulnerable state. Note: In the vulnerable state, the ACL would be correctly applied on the primary devices but could be incorrectly applied to the backup devices.
References
- cisco-sa-sb-bus-acl-bypass-5zn9hNJk: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk
Impacted products
| Vendor | Product | Affected versions |
|---|---|---|
| Cisco | Cisco Small Business Smart and Managed Switches | 2.0.0.73, 2.1.0.63, 2.2.0.63, 2.2.0.66, 2.2.5.68, 2.2.7.07, 2.2.8.04, 2.3.0.130, 2.3.5.63, 2.4.0.91, 2.4.0.94, 2.4.5.71, 2.5.0.78, 2.5.0.79, 2.5.0.82, 2.5.0.83, 2.5.0.89, 2.5.0.90, 2.5.0.92, 2.5.5.47, 2.5.7.85, 2.5.8.12, 2.5.8.15, 2.5.9.13, 2.5.9.15, 2.5.9.16, 3.0.0.61, 3.0.0.69, 3.1.0.57, 3.1.1.7, 3.2.0.84, 3.2.0.89, 3.2.1.1, 3.3.0.16 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:31.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-sb-bus-acl-bypass-5zn9hNJk",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20263",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-31T16:31:15.728944Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T14:55:13.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Small Business Smart and Managed Switches",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.0.0.73"
},
{
"status": "affected",
"version": "2.1.0.63"
},
{
"status": "affected",
"version": "2.2.0.63"
},
{
"status": "affected",
"version": "2.2.0.66"
},
{
"status": "affected",
"version": "2.2.5.68"
},
{
"status": "affected",
"version": "2.2.7.07"
},
{
"status": "affected",
"version": "2.2.8.04"
},
{
"status": "affected",
"version": "2.3.0.130"
},
{
"status": "affected",
"version": "2.3.5.63"
},
{
"status": "affected",
"version": "2.4.0.91"
},
{
"status": "affected",
"version": "2.4.0.94"
},
{
"status": "affected",
"version": "2.4.5.71"
},
{
"status": "affected",
"version": "2.5.0.78"
},
{
"status": "affected",
"version": "2.5.0.79"
},
{
"status": "affected",
"version": "2.5.0.82"
},
{
"status": "affected",
"version": "2.5.0.83"
},
{
"status": "affected",
"version": "2.5.0.89"
},
{
"status": "affected",
"version": "2.5.0.90"
},
{
"status": "affected",
"version": "2.5.0.92"
},
{
"status": "affected",
"version": "2.5.5.47"
},
{
"status": "affected",
"version": "2.5.7.85"
},
{
"status": "affected",
"version": "2.5.8.12"
},
{
"status": "affected",
"version": "2.5.8.15"
},
{
"status": "affected",
"version": "2.5.9.13"
},
{
"status": "affected",
"version": "2.5.9.15"
},
{
"status": "affected",
"version": "2.5.9.16"
},
{
"status": "affected",
"version": "3.0.0.61"
},
{
"status": "affected",
"version": "3.0.0.69"
},
{
"status": "affected",
"version": "3.1.0.57"
},
{
"status": "affected",
"version": "3.1.1.7"
},
{
"status": "affected",
"version": "3.2.0.84"
},
{
"status": "affected",
"version": "3.2.0.89"
},
{
"status": "affected",
"version": "3.2.1.1"
},
{
"status": "affected",
"version": "3.3.0.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability with the access control list (ACL) management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. This vulnerability is due to incorrect processing of ACLs on a stacked configuration when either the primary or backup switches experience a full stack reload or power cycle. An attacker could exploit this vulnerability by sending crafted traffic through an affected device. A successful exploit could allow the attacker to bypass configured ACLs, causing traffic to be dropped or forwarded in an unexpected manner. The attacker does not have control over the conditions that result in the device being in the vulnerable state. Note: In the vulnerable state, the ACL would be correctly applied on the primary devices but could be incorrectly applied to the backup devices."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T15:42:34.210Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-bus-acl-bypass-5zn9hNJk",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-bus-acl-bypass-5zn9hNJk"
}
],
"source": {
"advisory": "cisco-sa-sb-bus-acl-bypass-5zn9hNJk",
"defects": [
"CSCwf48882",
"CSCwh68993"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20263",
"datePublished": "2024-01-26T17:27:08.928Z",
"dateReserved": "2023-11-08T15:08:07.623Z",
"dateUpdated": "2024-11-13T14:55:13.733Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}