CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2021-1389 – Cisco IOS XR and Cisco NX-OS Software IPv6 Access Control List Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1389
A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to improper processing of IPv6 traffic that is sent through an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 packets that traverse the affected device. A successful exploit could allow the attacker to access resources that would typically be protected by the interface ACL. Una vulnerabilidad en el procesamiento del tráfico IPv6 del Software Cisco IOS XR, y el Software Cisco NX-OS para determinados dispositivos Cisco, podría permitir a un atacante remoto no autenticado omitir una lista de control de acceso (ACL) IPv6 configurada para una interfaz de un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv6-acl-CHgdYk8j • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-1128 – Cisco IOS XR Software Unauthorized Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1128
A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain sensitive information within the configuration that otherwise might not have been accessible beyond the privileges of the invoking user. Una vulnerabilidad en el analizador de la CLI del Software Cisco IOS XR, podría permitir a un atacante autenticado local visualizar más información de la que sus privilegios permiten. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-infodisc-4mtm9Gyt • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1136 – Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Image Verification Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1136
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en los Enrutadores Cisco Network Convergence System (NCS) 540 Series, solo cuando ejecutan imágenes de software de NCS540L de Cisco IOS XR y el Software Cisco IOS XR para los Enrutadores Cisco 8000 Series podrían permitir a un atacante autenticado local ejecutar código sin firmar durante el proceso de arranque en un dispositivo afectado. Para mayor información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxr-l-zNhcGCBt • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-1243 – Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1243
A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to allow connections despite the management plane protection that is configured to deny access to the SNMP server of an affected device. This vulnerability is due to incorrect LPTS programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by connecting to an affected device using SNMP. A successful exploit could allow the attacker to connect to the device on the configured SNMP ports. Valid credentials are required to execute any of the SNMP requests. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-7MKrW7Nq • CWE-284: Improper Access Control •
CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2021-1244 – Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Image Verification Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1244
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en los Enrutadores Cisco Network Convergence System (NCS) 540 Series, solo cuando ejecutan imágenes de Software de NCS540L de Cisco IOS XR, y el Software Cisco IOS XR para los Enrutadores Cisco 8000 Series, podrían permitir a un atacante autenticado local ejecutar código sin firmar durante el proceso de arranque en un dispositivo afectado. Para mayor información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ioxr-l-zNhcGCBt • CWE-347: Improper Verification of Cryptographic Signature •