6 results (0.417 seconds)

CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 0

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device. Una vulnerabilidad en la función de arranque iPXE del software Cisco IOS XR podría permitir que un atacante local autenticado instale una imagen de software no verificada en un dispositivo afectado. Esta vulnerabilidad se debe a una verificación de imagen insuficiente. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB • CWE-345: Insufficient Verification of Data Authenticity CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 0

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado con una cuenta de bajo privilegio elevar los privilegios en un dispositivo afectado. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Details de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.6EPSS: 0%CPEs: 72EXPL: 0

A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process. Una vulnerabilidad en las funciones de respuesta de los Acuerdos de Nivel de Servicio IP (IP SLA) y del Protocolo de Medición Activa de Dos Vías (TWAMP) de Cisco IOS XR Software podría permitir a un atacante remoto no autenticado causar el agotamiento de la memoria de paquetes del dispositivo o causar el bloqueo del proceso IP SLA, resultando en una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP • CWE-771: Missing Reference to Active Allocated Resource •

CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 0

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado con una cuenta de bajo privilegio elevar los privilegios en un dispositivo afectado. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Details de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.5EPSS: 0%CPEs: 51EXPL: 0

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to. Una vulnerabilidad en el proceso del servidor SSH de Cisco IOS XR Software podría permitir a un atacante remoto autenticado sobrescribir y leer archivos arbitrario en el dispositivo local. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •