CVSS: 7.4EPSS: 0%CPEs: 30EXPL: 0CVE-2024-20406 – Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20406
11 Sep 2024 — A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the att... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-xehpbVNe • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 271EXPL: 0CVE-2024-20381 – Cisco Network Services Orchestrator Configuration Update Authorization Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2024-20381
11 Sep 2024 — A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager, and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device. This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could explo... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp • CWE-285: Improper Authorization •
CVSS: 7.4EPSS: 0%CPEs: 10EXPL: 0CVE-2024-20317 – Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20317
11 Sep 2024 — A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect classification of certain types of Ethernet frames that are received on an interface. An attacker could exploit this vulnerability by sending specific types of Ethernet frames t... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-l2services-2mvHdNuC • CWE-684: Incorrect Provision of Specified Functionality •
CVSS: 8.8EPSS: 0%CPEs: 76EXPL: 0CVE-2024-20398 – Cisco IOS XR Software Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-20398
11 Sep 2024 — A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-CrG5vhCq • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 86EXPL: 0CVE-2024-20390 – Cisco IOS XR Software Dedicated XML Agent TCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2024-20390
11 Sep 2024 — A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751. This vulnerability is due to a lack of proper error validation of ingress XML packets. An attacker could exploit this vulnerability by sending a sustained, crafted stream of XML traffic to a targeted device. A successful exploit could allow the attacker to cause XML TCP port 38751 to become unreachable while the attack tr... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-xml-tcpdos-ZEXvrU2S • CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 5.5EPSS: 0%CPEs: 66EXPL: 0CVE-2024-20343 – Cisco IOS XR Software CLI Arbitrary File Read Vulnerability
https://notcve.org/view.php?id=CVE-2024-20343
11 Sep 2024 — A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the arguments that are passed to a specific CLI command. An attacker could exploit this vulnerability by logging in to an affected device with low-privileged credentials and using the affected command. A successful expl... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-shellutil-HCb278wD • CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: 93EXPL: 0CVE-2024-20319
https://notcve.org/view.php?id=CVE-2024-20319
13 Mar 2024 — A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect UDP forwarding programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by attempting to perform an SNMP operation using broadcast as the destination address that ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uhv6ZDeF • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 82EXPL: 0CVE-2024-20262
https://notcve.org/view.php?id=CVE-2024-20262
13 Mar 2024 — A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system directory, which could lead to a denial of service (DoS) condition. The attacker would require valid user credentials to perform this attack. This vulnerability is due to a lack of proper validation of SCP and SFTP CLI input parameters. An attacker could exploit this vulnerability by authenticating to the device and issuing SCP or S... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-dos-kb6sUUHw • CWE-269: Improper Privilege Management •
CVSS: 7.4EPSS: 0%CPEs: 36EXPL: 0CVE-2024-20318
https://notcve.org/view.php?id=CVE-2024-20318
13 Mar 2024 — A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of specific Ethernet frames that are received on line cards that have the Layer 2 services feature enabled. An attacker could exploit this vulnerability by sending specific Ethernet frames through an affected device. A successful explo... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrl2vpn-jesrU3fc • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 91EXPL: 0CVE-2024-20266
https://notcve.org/view.php?id=CVE-2024-20266
13 Mar 2024 — A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to c... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-3tgPKRdm • CWE-476: NULL Pointer Dereference •