CVE-2023-20064

Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability

Severity Score

4.6

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.

*Credits: N/A

CVSS Scores

NISTv3.1 4.6

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-10-27 CVE Reserved
2023-03-09 CVE Published
2024-08-02 CVE Updated
2024-08-19 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-862: Missing Authorization

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9000v-v2 Search vendor "Cisco" for product "Asr 9000v-v2"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9001 Search vendor "Cisco" for product "Asr 9001"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9006 Search vendor "Cisco" for product "Asr 9006"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9010 Search vendor "Cisco" for product "Asr 9010"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9901 Search vendor "Cisco" for product "Asr 9901"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9902 Search vendor "Cisco" for product "Asr 9902"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9903 Search vendor "Cisco" for product "Asr 9903"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9904 Search vendor "Cisco" for product "Asr 9904"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9906 Search vendor "Cisco" for product "Asr 9906"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9910 Search vendor "Cisco" for product "Asr 9910"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9912 Search vendor "Cisco" for product "Asr 9912"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 9922 Search vendor "Cisco" for product "Asr 9922"	-	x64	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ios Xrv 9000 Search vendor "Cisco" for product "Ios Xrv 9000"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 1001 Search vendor "Cisco" for product "Ncs 1001"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 1002 Search vendor "Cisco" for product "Ncs 1002"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.9.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.9.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 1004 Search vendor "Cisco" for product "Ncs 1004"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Nc57-18dd-se Search vendor "Cisco" for product "Nc57-18dd-se"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Nc57-24dd Search vendor "Cisco" for product "Nc57-24dd"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Nc57-36h-se Search vendor "Cisco" for product "Nc57-36h-se"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Nc57-36h6d-s Search vendor "Cisco" for product "Nc57-36h6d-s"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 540 Search vendor "Cisco" for product "Ncs 540"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 540 Fronthaul Search vendor "Cisco" for product "Ncs 540 Fronthaul"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5501 Search vendor "Cisco" for product "Ncs 5501"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5501-se Search vendor "Cisco" for product "Ncs 5501-se"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5502 Search vendor "Cisco" for product "Ncs 5502"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5502-se Search vendor "Cisco" for product "Ncs 5502-se"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5508 Search vendor "Cisco" for product "Ncs 5508"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5516 Search vendor "Cisco" for product "Ncs 5516"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 560-4 Search vendor "Cisco" for product "Ncs 560-4"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 560-7 Search vendor "Cisco" for product "Ncs 560-7"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 57b1-5dse-sys Search vendor "Cisco" for product "Ncs 57b1-5dse-sys"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 57b1-6d24-sys Search vendor "Cisco" for product "Ncs 57b1-6d24-sys"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 57c1-48q6-sys Search vendor "Cisco" for product "Ncs 57c1-48q6-sys"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 57c3-mod-sys Search vendor "Cisco" for product "Ncs 57c3-mod-sys"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.6.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.6.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 57c3-mods-sys Search vendor "Cisco" for product "Ncs 57c3-mods-sys"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.7.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.7.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5001 Search vendor "Cisco" for product "Ncs 5001"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.7.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.7.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5002 Search vendor "Cisco" for product "Ncs 5002"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	< 7.7.1 Search vendor "Cisco" for product "Ios Xr" and version " < 7.7.1"	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 5011 Search vendor "Cisco" for product "Ncs 5011"	-	-	Safe
Cisco Search vendor "Cisco"	Ios Xr Search vendor "Cisco" for product "Ios Xr"	*	-	Affected	in	Cisco Search vendor "Cisco"	Ncs 6000 Search vendor "Cisco" for product "Ncs 6000"	-	-	Safe