Preview Tool

Cisco Bug: CSCtb10368 - RADIUS - Cisco-AVPair ignored if it's the only VSA in accept packet

Last Modified

Mar 16, 2016

Products (3)

  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 5020 Switch
  • Cisco Nexus 5010 Switch

Known Affected Releases


Description (partial)

 Nexus switch running NX-OS 4.1(3) or earlier may assign
 the default "network-operator" role despite a different
 role was returned in the Cisco-AVPair attribute from Radius,
 This issue might happen if Cisco-AVPair is the only Radius VSA
 in the Radius Accept packet. Cisco ACS returns additional VSA
 but some other Radius servers might be configured to return
 only Cisco-AVPair VSA to the Nexus switch.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.