CVSS: 7.2EPSS: 0%CPEs: 59EXPL: 0CVE-2021-34722 – Cisco IOS XR Software Command Injection Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34722
09 Sep 2021 — Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory. Varias vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado conseguir acceso al shell root subyacente de un dispositivo afectado y ejecutar comando... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.9EPSS: 0%CPEs: 59EXPL: 0CVE-2021-34721 – Cisco IOS XR Software Command Injection Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34721
09 Sep 2021 — Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory. Varias vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado conseguir acceso al shell root subyacente de un dispositivo afectado y ejecutar comando... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.6EPSS: 1%CPEs: 72EXPL: 0CVE-2021-34720 – Cisco IOS XR Software IP Service Level Agreements and Two-Way Active Measurement Protocol Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34720
09 Sep 2021 — A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending speci... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP • CWE-771: Missing Reference to Active Allocated Resource •
CVSS: 7.8EPSS: 0%CPEs: 63EXPL: 0CVE-2021-34719 – Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-34719
09 Sep 2021 — Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado con una cuenta de bajo privilegio elevar los privilegios en un dispositivo afectado. Para conseguir más información sobre estas ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.5EPSS: 1%CPEs: 51EXPL: 0CVE-2021-34718 – Cisco IOS XR Software Arbitrary File Read and Write Vulnerability
https://notcve.org/view.php?id=CVE-2021-34718
09 Sep 2021 — A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attack... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.4EPSS: 0%CPEs: 17EXPL: 0CVE-2021-34713 – Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-34713
09 Sep 2021 — A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are at... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD • CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 1%CPEs: 13EXPL: 0CVE-2020-26070 – Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-26070
12 Nov 2020 — A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY • CWE-404: Improper Resource Shutdown or Release •
CVSS: 9.8EPSS: 4%CPEs: 135EXPL: 0CVE-2020-3284 – Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3284
06 Nov 2020 — A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2 • CWE-284: Improper Access Control •
CVSS: 8.6EPSS: 34%CPEs: 31EXPL: 0CVE-2020-3569 – Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability
https://notcve.org/view.php?id=CVE-2020-3569
23 Sep 2020 — Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabil... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.4EPSS: 0%CPEs: 23EXPL: 0CVE-2020-3530 – Cisco IOS XR Authenticated User Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3530
04 Sep 2020 — A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to iss... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv • CWE-264: Permissions, Privileges, and Access Controls CWE-863: Incorrect Authorization •