Cisco Nexus 3550-F Switches ACL Programming Bypass (cisco-sa-3550-acl-bypass-mhskZc2q)

medium Nessus Plugin ID 299956

Synopsis

The remote device is missing a security patch.

Description

According to its self-reported version, Cisco Nexus 3550-F is affected by a vulnerability.

- A vulnerability in the access control list (ACL) programming of Cisco Nexus 3550-F Switches could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management interface of an affected device. This vulnerability is due to ACL deny rules not being properly enforced at the time of device reboot. An attacker could exploit this vulnerability by attempting to send traffic to the management interface of an affected device. A successful exploit could allow the attacker to send traffic to the management interface that should have been blocked by configured ACL deny rules. (CVE-2024-20371)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwi98129.

Plugin Details

Severity: Medium

ID: 299956

File Name: cisco-sa-3550-acl-bypass-mhskZc2q.nasl

Version: 1.1

Type: local

Family: CISCO

Published: 2/25/2026

Updated: 2/25/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2024-20371

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Information

CPE: cpe:/a:cisco:nexus-3550-f

Required KB Items: installed_sw/Cisco Nexus 3550-F

Exploit Ease: No known exploits are available

Patch Publication Date: 11/6/2024

Vulnerability Publication Date: 11/6/2024

Reference Information

CVE: CVE-2024-20371

CWE: 264

CISCO-SA: cisco-sa-3550-acl-bypass-mhskZc2q

IAVA: 2024-A-0723

CISCO-BUG-ID: CSCwi98129

Detections

Analytics