All the vulnerabilites related to cisco - asr_9906
cve-2019-16027
Vulnerability from cvelistv5
Published
2020-01-26 04:31
Modified
2024-11-15 17:46
Severity ?
7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS–IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS–IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS–IS process.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200122 Cisco IOS XR Software Intermediate System\u2013to\u2013Intermediate System Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-16027",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:30:02.490330Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:46:10.927Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of the Intermediate System\u0026ndash;to\u0026ndash;Intermediate System (IS\u0026ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS\u0026ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS\u0026ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS\u0026ndash;IS process."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-26T04:31:08",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200122 Cisco IOS XR Software Intermediate System\u2013to\u2013Intermediate System Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200122-ios-xr-dos",
        "defect": [
          [
            "CSCvr62342"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Intermediate System\u2013to\u2013Intermediate System Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-01-22T16:00:00-0800",
          "ID": "CVE-2019-16027",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Intermediate System\u2013to\u2013Intermediate System Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of the Intermediate System\u0026ndash;to\u0026ndash;Intermediate System (IS\u0026ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS\u0026ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS\u0026ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS\u0026ndash;IS process."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.7",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200122 Cisco IOS XR Software Intermediate System\u2013to\u2013Intermediate System Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200122-ios-xr-dos",
          "defect": [
            [
              "CSCvr62342"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-16027",
    "datePublished": "2020-01-26T04:31:08.495973Z",
    "dateReserved": "2019-09-06T00:00:00",
    "dateUpdated": "2024-11-15T17:46:10.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-0418
Vulnerability from cvelistv5
Published
2018-08-15 20:00
Modified
2024-11-26 14:47
Severity ?
Summary
A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858.
References
http://www.securitytracker.com/id/1041538vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/105185vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:15.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1041538",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041538"
          },
          {
            "name": "105185",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105185"
          },
          {
            "name": "20180815 Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0418",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:53:34.567761Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:47:23.721Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ASR 9000 Series Aggregation Services Router Software",
          "vendor": "Cisco Systems, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "unspecified"
            }
          ]
        }
      ],
      "datePublic": "2018-08-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-31T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1041538",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041538"
        },
        {
          "name": "105185",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105185"
        },
        {
          "name": "20180815 Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-08-15T00:00:00",
          "ID": "CVE-2018-0418",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ASR 9000 Series Aggregation Services Router Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "unspecified"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco Systems, Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1041538",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041538"
            },
            {
              "name": "105185",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105185"
            },
            {
              "name": "20180815 Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0418",
    "datePublished": "2018-08-15T20:00:00Z",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-26T14:47:23.721Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16020
Vulnerability from cvelistv5
Published
2020-01-26 04:30
Modified
2024-11-15 17:46
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.663Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-16020",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:22:39.249238Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:46:32.554Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-26T04:30:57",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200122-ios-xr-evpn",
        "defect": [
          [
            "CSCvr74413",
            "CSCvr74986",
            "CSCvr80793",
            "CSCvr83742",
            "CSCvr84254"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-01-22T16:00:00-0800",
          "ID": "CVE-2019-16020",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200122-ios-xr-evpn",
          "defect": [
            [
              "CSCvr74413",
              "CSCvr74986",
              "CSCvr80793",
              "CSCvr83742",
              "CSCvr84254"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-16020",
    "datePublished": "2020-01-26T04:30:57.751382Z",
    "dateReserved": "2019-09-06T00:00:00",
    "dateUpdated": "2024-11-15T17:46:32.554Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34728
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.161Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34728",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:43:09.558894Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:00:30.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:01:25",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-privescal-dZYMrKf",
        "defect": [
          [
            "CSCvx48004",
            "CSCvx48007"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34728",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.8",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-privescal-dZYMrKf",
          "defect": [
            [
              "CSCvx48004",
              "CSCvx48007"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34728",
    "datePublished": "2021-09-09T05:01:25.148942Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:00:30.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-0136
Vulnerability from cvelistv5
Published
2018-01-31 20:00
Modified
2024-12-02 21:24
Severity ?
Summary
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.
References
http://www.securityfocus.com/bid/102905vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6x_refsource_CONFIRM
http://www.securitytracker.com/id/1040315vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.885Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102905",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102905"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6"
          },
          {
            "name": "1040315",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040315"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0136",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-02T19:11:34.315844Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T21:24:47.666Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Aggregation Services Router 9000 Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco Aggregation Services Router 9000 Series"
            }
          ]
        }
      ],
      "datePublic": "2018-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-03T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "102905",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102905"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6"
        },
        {
          "name": "1040315",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040315"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0136",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Aggregation Services Router 9000 Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco Aggregation Services Router 9000 Series"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102905",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102905"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6"
            },
            {
              "name": "1040315",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040315"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0136",
    "datePublished": "2018-01-31T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-12-02T21:24:47.666Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3120
Vulnerability from cvelistv5
Published
2020-02-05 17:50
Modified
2024-11-15 17:42
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dosvendor-advisory, x_refsource_CISCO
http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3120",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:29:31.395421Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:42:14.893Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "2.3.1.173",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-05T18:06:04",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
        "defect": [
          [
            "CSCvr14976",
            "CSCvr15024",
            "CSCvr15072",
            "CSCvr15073",
            "CSCvr15078",
            "CSCvr15079",
            "CSCvr15082",
            "CSCvr15083",
            "CSCvr15111"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-02-05T16:00:00-0800",
          "ID": "CVE-2020-3120",
          "STATE": "PUBLIC",
          "TITLE": "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "2.3.1.173"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-190"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
            },
            {
              "name": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
          "defect": [
            [
              "CSCvr14976",
              "CSCvr15024",
              "CSCvr15072",
              "CSCvr15073",
              "CSCvr15078",
              "CSCvr15079",
              "CSCvr15082",
              "CSCvr15083",
              "CSCvr15111"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3120",
    "datePublished": "2020-02-05T17:50:18.427416Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-15T17:42:14.893Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3530
Vulnerability from cvelistv5
Published
2020-09-04 02:25
Modified
2024-11-13 18:08
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqvvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200902 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3530",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:24:12.678128Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T18:08:33.006Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-09-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-04T02:25:40",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200902 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-cli-privescl-sDVEmhqv",
        "defect": [
          [
            "CSCvu79978",
            "CSCvu99038",
            "CSCvv05925"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-09-02T16:00:00",
          "ID": "CVE-2020-3530",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Authenticated User Privilege Escalation Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.4",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200902 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-cli-privescl-sDVEmhqv",
          "defect": [
            [
              "CSCvu79978",
              "CSCvu99038",
              "CSCvv05925"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3530",
    "datePublished": "2020-09-04T02:25:40.623334Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T18:08:33.006Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-15989
Vulnerability from cvelistv5
Published
2020-01-26 04:30
Modified
2024-11-15 17:46
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.644Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200122 Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-15989",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:22:41.672887Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:46:50.977Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim\u0026rsquo;s BGP network on an existing, valid TCP connection to a BGP peer."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-26T04:30:38",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200122 Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200122-ios-xr-bgp-dos",
        "defect": [
          [
            "CSCvr69950"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-01-22T16:00:00-0800",
          "ID": "CVE-2019-15989",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim\u0026rsquo;s BGP network on an existing, valid TCP connection to a BGP peer."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200122 Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200122-ios-xr-bgp-dos",
          "defect": [
            [
              "CSCvr69950"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-15989",
    "datePublished": "2020-01-26T04:30:38.252280Z",
    "dateReserved": "2019-09-06T00:00:00",
    "dateUpdated": "2024-11-15T17:46:50.977Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-1686
Vulnerability from cvelistv5
Published
2019-04-17 21:50
Modified
2024-11-19 19:11
Severity ?
5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxraclvendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108026vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:40.969Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190417 Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl"
          },
          {
            "name": "108026",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108026"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1686",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:24:50.214598Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:11:39.657Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.5.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.6.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-04-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-23T07:06:04",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190417 Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl"
        },
        {
          "name": "108026",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108026"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190417-iosxracl",
        "defect": [
          [
            "CSCvm01102"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-04-17T16:00:00-0700",
          "ID": "CVE-2019-1686",
          "STATE": "PUBLIC",
          "TITLE": "Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "6.5.2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "6.6.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190417 Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl"
            },
            {
              "name": "108026",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108026"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190417-iosxracl",
          "defect": [
            [
              "CSCvm01102"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1686",
    "datePublished": "2019-04-17T21:50:21.580813Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:11:39.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-20677
Vulnerability from cvelistv5
Published
2022-04-15 14:16
Modified
2024-11-06 16:25
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
Summary
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFjvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:17:52.949Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20677",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T15:58:59.031676Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T16:25:32.069Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-04-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-15T14:16:46",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iox-yuXQ6hFj",
        "defect": [
          [
            "CSCvx27640",
            "CSCvy16608",
            "CSCvy30903",
            "CSCvy30957",
            "CSCvy35913",
            "CSCvy35914",
            "CSCvy86583",
            "CSCvy86598",
            "CSCvy86602",
            "CSCvy86603",
            "CSCvy86604",
            "CSCvy86608"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOx Application Hosting Environment Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-04-13T16:00:00",
          "ID": "CVE-2022-20677",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOx Application Hosting Environment Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iox-yuXQ6hFj",
          "defect": [
            [
              "CSCvx27640",
              "CSCvy16608",
              "CSCvy30903",
              "CSCvy30957",
              "CSCvy35913",
              "CSCvy35914",
              "CSCvy86583",
              "CSCvy86598",
              "CSCvy86602",
              "CSCvy86603",
              "CSCvy86604",
              "CSCvy86608"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20677",
    "datePublished": "2022-04-15T14:16:46.734986Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-06T16:25:32.069Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20064
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2024-10-25 16:03
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fqvendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.558Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230308 Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20064",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T14:36:23.610206Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T16:03:12.091Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-09T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230308 Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-load-infodisc-9rdOr5Fq",
        "defect": [
          [
            "CSCvz42457",
            "CSCwc97332",
            "CSCwd61802",
            "CSCwd61820",
            "CSCwd79460"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20064",
    "datePublished": "2023-03-09T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-25T16:03:12.091Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34722
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.254Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34722",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:43:10.838609Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:00:36.407Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:01:19",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
        "defect": [
          [
            "CSCvx48001",
            "CSCvx48002"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Command Injection Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34722",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Command Injection Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
          "defect": [
            [
              "CSCvx48001",
              "CSCvx48002"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34722",
    "datePublished": "2021-09-09T05:01:20.026571Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:00:36.407Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20065
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-08-02 08:57
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-iox-priv-escalate-Xg8zkyPk",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "16.4.1"
            },
            {
              "status": "affected",
              "version": "16.4.2"
            },
            {
              "status": "affected",
              "version": "16.4.3"
            },
            {
              "status": "affected",
              "version": "17.3.1"
            },
            {
              "status": "affected",
              "version": "17.3.2"
            },
            {
              "status": "affected",
              "version": "17.3.3"
            },
            {
              "status": "affected",
              "version": "17.3.1a"
            },
            {
              "status": "affected",
              "version": "17.3.1w"
            },
            {
              "status": "affected",
              "version": "17.3.2a"
            },
            {
              "status": "affected",
              "version": "17.3.1x"
            },
            {
              "status": "affected",
              "version": "17.3.1z"
            },
            {
              "status": "affected",
              "version": "17.3.4"
            },
            {
              "status": "affected",
              "version": "17.3.5"
            },
            {
              "status": "affected",
              "version": "17.3.4a"
            },
            {
              "status": "affected",
              "version": "17.3.6"
            },
            {
              "status": "affected",
              "version": "17.3.4b"
            },
            {
              "status": "affected",
              "version": "17.3.4c"
            },
            {
              "status": "affected",
              "version": "17.3.5a"
            },
            {
              "status": "affected",
              "version": "17.3.5b"
            },
            {
              "status": "affected",
              "version": "17.4.1"
            },
            {
              "status": "affected",
              "version": "17.4.2"
            },
            {
              "status": "affected",
              "version": "17.4.1a"
            },
            {
              "status": "affected",
              "version": "17.4.1b"
            },
            {
              "status": "affected",
              "version": "17.4.2a"
            },
            {
              "status": "affected",
              "version": "17.5.1"
            },
            {
              "status": "affected",
              "version": "17.5.1a"
            },
            {
              "status": "affected",
              "version": "17.5.1b"
            },
            {
              "status": "affected",
              "version": "17.5.1c"
            },
            {
              "status": "affected",
              "version": "17.6.1"
            },
            {
              "status": "affected",
              "version": "17.6.2"
            },
            {
              "status": "affected",
              "version": "17.6.1w"
            },
            {
              "status": "affected",
              "version": "17.6.1a"
            },
            {
              "status": "affected",
              "version": "17.6.1x"
            },
            {
              "status": "affected",
              "version": "17.6.3"
            },
            {
              "status": "affected",
              "version": "17.6.1y"
            },
            {
              "status": "affected",
              "version": "17.6.1z"
            },
            {
              "status": "affected",
              "version": "17.6.3a"
            },
            {
              "status": "affected",
              "version": "17.6.4"
            },
            {
              "status": "affected",
              "version": "17.6.1z1"
            },
            {
              "status": "affected",
              "version": "17.7.1"
            },
            {
              "status": "affected",
              "version": "17.7.1a"
            },
            {
              "status": "affected",
              "version": "17.7.1b"
            },
            {
              "status": "affected",
              "version": "17.7.2"
            },
            {
              "status": "affected",
              "version": "17.8.1"
            },
            {
              "status": "affected",
              "version": "17.8.1a"
            },
            {
              "status": "affected",
              "version": "17.9.1"
            },
            {
              "status": "affected",
              "version": "17.9.1w"
            },
            {
              "status": "affected",
              "version": "17.9.2"
            },
            {
              "status": "affected",
              "version": "17.9.1a"
            },
            {
              "status": "affected",
              "version": "17.9.2a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. \r\n\r This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "Improper Access Control",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T16:57:40.501Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-iox-priv-escalate-Xg8zkyPk",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iox-priv-escalate-Xg8zkyPk",
        "defects": [
          "CSCwd25783"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20065",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-08-02T08:57:35.585Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-0167
Vulnerability from cvelistv5
Published
2018-03-28 22:00
Modified
2024-11-13 18:24
Severity ?
Summary
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpx_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03x_refsource_MISC
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04x_refsource_MISC
http://www.securitytracker.com/id/1040586vdb-entry, x_refsource_SECTRACK
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05x_refsource_MISC
http://www.securityfocus.com/bid/103564vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.810Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
          },
          {
            "name": "1040586",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040586"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
          },
          {
            "name": "103564",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103564"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0167",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T17:25:01.571442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-0167"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T18:24:23.697Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS, IOS XE, and IOS XR",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco IOS, IOS XE, and IOS XR"
            }
          ]
        }
      ],
      "datePublic": "2018-03-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-19T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
        },
        {
          "name": "1040586",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040586"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
        },
        {
          "name": "103564",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103564"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0167",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS, IOS XE, and IOS XR",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco IOS, IOS XE, and IOS XR"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
            },
            {
              "name": "1040586",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040586"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
            },
            {
              "name": "103564",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103564"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0167",
    "datePublished": "2018-03-28T22:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-13T18:24:23.697Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12240
Vulnerability from cvelistv5
Published
2017-09-28 07:00
Modified
2024-11-15 17:56
Severity ?
Summary
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.
References
https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959x_refsource_CONFIRM
https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390x_refsource_CONFIRM
http://www.securityfocus.com/bid/101034vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcpx_refsource_CONFIRM
http://www.securitytracker.com/id/1039445vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:28:16.785Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390"
          },
          {
            "name": "101034",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101034"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp"
          },
          {
            "name": "1039445",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039445"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-12240",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T16:05:13.721131Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12240"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:56:33.432Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS and IOS XE",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco IOS and IOS XE"
            }
          ]
        }
      ],
      "datePublic": "2017-09-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-29T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390"
        },
        {
          "name": "101034",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101034"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp"
        },
        {
          "name": "1039445",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039445"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12240",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS and IOS XE",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco IOS and IOS XE"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959",
              "refsource": "CONFIRM",
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959"
            },
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390",
              "refsource": "CONFIRM",
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390"
            },
            {
              "name": "101034",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101034"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp"
            },
            {
              "name": "1039445",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039445"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12240",
    "datePublished": "2017-09-28T07:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-11-15T17:56:33.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-1842
Vulnerability from cvelistv5
Published
2019-06-05 16:20
Modified
2024-11-21 19:23
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-sshvendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108687vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.866Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190605 Cisco IOS XR Software Secure Shell Authentication Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh"
          },
          {
            "name": "108687",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108687"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1842",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:58:16.687085Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:23:06.717Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.1.4",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-06-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-10T07:06:04",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190605 Cisco IOS XR Software Secure Shell Authentication Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh"
        },
        {
          "name": "108687",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108687"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190605-iosxr-ssh",
        "defect": [
          [
            "CSCvo03672"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Secure Shell Authentication Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-06-05T16:00:00-0700",
          "ID": "CVE-2019-1842",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Secure Shell Authentication Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.1.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.4",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-285"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190605 Cisco IOS XR Software Secure Shell Authentication Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh"
            },
            {
              "name": "108687",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108687"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190605-iosxr-ssh",
          "defect": [
            [
              "CSCvo03672"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1842",
    "datePublished": "2019-06-05T16:20:15.262993Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:23:06.717Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16022
Vulnerability from cvelistv5
Published
2020-01-26 04:31
Modified
2024-11-15 17:46
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.825Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-16022",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:22:37.501287Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:46:21.678Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-26T04:31:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200122-ios-xr-evpn",
        "defect": [
          [
            "CSCvr74413",
            "CSCvr74986",
            "CSCvr80793",
            "CSCvr83742",
            "CSCvr84254"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-01-22T16:00:00-0800",
          "ID": "CVE-2019-16022",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200122-ios-xr-evpn",
          "defect": [
            [
              "CSCvr74413",
              "CSCvr74986",
              "CSCvr80793",
              "CSCvr83742",
              "CSCvr84254"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-16022",
    "datePublished": "2020-01-26T04:31:03.023685Z",
    "dateReserved": "2019-09-06T00:00:00",
    "dateUpdated": "2024-11-15T17:46:21.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-15428
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:27
Severity ?
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dosvendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1041790vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T09:54:03.419Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20181003 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos"
          },
          {
            "name": "1041790",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041790"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-15428",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-25T18:47:47.186898Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:27:41.055Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-07T09:57:02",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20181003 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos"
        },
        {
          "name": "1041790",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041790"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20181003-iosxr-dos",
        "defect": [
          [
            "CSCvj58445"
          ]
        ],
        "discovery": "UNKNOWN"
      },
      "title": "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2018-10-03T16:00:00-0500",
          "ID": "CVE-2018-15428",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20181003 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos"
            },
            {
              "name": "1041790",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041790"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20181003-iosxr-dos",
          "defect": [
            [
              "CSCvj58445"
            ]
          ],
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-15428",
    "datePublished": "2018-10-05T14:00:00Z",
    "dateReserved": "2018-08-17T00:00:00",
    "dateUpdated": "2024-11-26T14:27:41.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3569
Vulnerability from cvelistv5
Published
2020-09-23 00:25
Modified
2024-11-08 16:09
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.472Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3569",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T16:08:35.328890Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3569"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T16:09:50.094Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-08-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer\u2019s environment."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-23T00:25:17",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
        "defect": [
          [
            "CSCvr86414",
            "CSCvv54838"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-08-29T03:00:00",
          "ID": "CVE-2020-3569",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer\u2019s environment."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
          "defect": [
            [
              "CSCvr86414",
              "CSCvv54838"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3569",
    "datePublished": "2020-09-23T00:25:17.287176Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-08T16:09:50.094Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3566
Vulnerability from cvelistv5
Published
2020-08-29 15:15
Modified
2024-11-08 16:09
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:55.511Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3566",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T16:09:11.203941Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3566"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T16:09:30.061Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-08-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer\u2019s environment."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-08-29T15:15:13",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
        "defect": [
          [
            "CSCvv54838"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-08-29T03:00:00",
          "ID": "CVE-2020-3566",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer\u2019s environment."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
          "defect": [
            [
              "CSCvv54838"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3566",
    "datePublished": "2020-08-29T15:15:13.627473Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-08T16:09:30.061Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34721
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.110Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34721",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:43:12.552835Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:00:42.833Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:01:13",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
        "defect": [
          [
            "CSCvx48001",
            "CSCvx48002"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Command Injection Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34721",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Command Injection Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
          "defect": [
            [
              "CSCvx48001",
              "CSCvx48002"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34721",
    "datePublished": "2021-09-09T05:01:13.579483Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:00:42.833Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34718
Vulnerability from cvelistv5
Published
2021-09-09 05:00
Modified
2024-11-07 22:01
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.124Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34718",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:43:15.314953Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:01:03.620Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-88",
              "description": "CWE-88",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:00:43",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-scp-inject-QwZOCv2",
        "defect": [
          [
            "CSCvx48017"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34718",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Arbitrary File Read and Write Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-88"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-scp-inject-QwZOCv2",
          "defect": [
            [
              "CSCvx48017"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34718",
    "datePublished": "2021-09-09T05:00:43.820831Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:01:03.620Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-1846
Vulnerability from cvelistv5
Published
2019-05-16 01:20
Modified
2024-11-21 19:23
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dosvendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108363vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:28:42.819Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190515 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos"
          },
          {
            "name": "108363",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108363"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1846",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:58:19.418046Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:23:38.523Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-05-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-17T12:06:06",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190515 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos"
        },
        {
          "name": "108363",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108363"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190515-iosxr-mpls-dos",
        "defect": [
          [
            "CSCvk63685"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-05-15T16:00:00-0700",
          "ID": "CVE-2019-1846",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190515 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos"
            },
            {
              "name": "108363",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108363"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190515-iosxr-mpls-dos",
          "defect": [
            [
              "CSCvk63685"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1846",
    "datePublished": "2019-05-16T01:20:47.585647Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:23:38.523Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34737
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLUvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.091Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34737",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:54:21.168817Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:00:23.958Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:01:30",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-dhcp-dos-pjPVReLU",
        "defect": [
          [
            "CSCvw95930"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34737",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "5.8",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-476"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-dhcp-dos-pjPVReLU",
          "defect": [
            [
              "CSCvw95930"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34737",
    "datePublished": "2021-09-09T05:01:30.516919Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:00:23.958Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-12709
Vulnerability from cvelistv5
Published
2019-09-25 20:15
Modified
2024-11-20 17:09
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privescvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:24:39.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190925 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-12709",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-20T16:51:47.819211Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-20T17:09:59.064Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-25T20:15:34",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190925 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190925-xr-asr9k-privesc",
        "defect": [
          [
            "CSCvo19278"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-09-25T16:00:00-0700",
          "ID": "CVE-2019-12709",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.7",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190925 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190925-xr-asr9k-privesc",
          "defect": [
            [
              "CSCvo19278"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-12709",
    "datePublished": "2019-09-25T20:15:35.015947Z",
    "dateReserved": "2019-06-04T00:00:00",
    "dateUpdated": "2024-11-20T17:09:59.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-20919
Vulnerability from cvelistv5
Published
2022-09-30 18:46
Modified
2024-11-01 18:50
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:31:57.396Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220928 Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20919",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-01T18:43:50.327091Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T18:50:12.263Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-09-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "CWE-248",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-30T18:46:37",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220928 Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxe-cip-dos-9rTbKLt9",
        "defect": [
          [
            "CSCwa96810"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-09-28T23:00:00",
          "ID": "CVE-2022-20919",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-248"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220928 Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxe-cip-dos-9rTbKLt9",
          "defect": [
            [
              "CSCwa96810"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20919",
    "datePublished": "2022-09-30T18:46:37.481110Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-01T18:50:12.263Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20236
Vulnerability from cvelistv5
Published
2023-09-13 16:39
Modified
2024-10-23 19:10
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:05:35.905Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
            "tags": [
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:ios_xr_software:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ios_xr_software",
            "vendor": "cisco",
            "versions": [
              {
                "lessThanOrEqual": "7.9.2",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20236",
                "options": [
                  {
                    "Exploitation": "None"
                  },
                  {
                    "Automatable": "No"
                  },
                  {
                    "Technical Impact": "Total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-11-15T16:36:16.200980Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T19:10:48.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "5.2.0"
            },
            {
              "status": "affected",
              "version": "5.2.1"
            },
            {
              "status": "affected",
              "version": "5.2.2"
            },
            {
              "status": "affected",
              "version": "5.2.4"
            },
            {
              "status": "affected",
              "version": "5.2.3"
            },
            {
              "status": "affected",
              "version": "5.2.5"
            },
            {
              "status": "affected",
              "version": "5.2.47"
            },
            {
              "status": "affected",
              "version": "5.3.0"
            },
            {
              "status": "affected",
              "version": "5.3.1"
            },
            {
              "status": "affected",
              "version": "5.3.2"
            },
            {
              "status": "affected",
              "version": "5.3.3"
            },
            {
              "status": "affected",
              "version": "5.3.4"
            },
            {
              "status": "affected",
              "version": "6.0.0"
            },
            {
              "status": "affected",
              "version": "6.0.1"
            },
            {
              "status": "affected",
              "version": "6.0.2"
            },
            {
              "status": "affected",
              "version": "6.1.1"
            },
            {
              "status": "affected",
              "version": "6.1.2"
            },
            {
              "status": "affected",
              "version": "6.1.3"
            },
            {
              "status": "affected",
              "version": "6.1.4"
            },
            {
              "status": "affected",
              "version": "6.1.12"
            },
            {
              "status": "affected",
              "version": "6.1.22"
            },
            {
              "status": "affected",
              "version": "6.1.32"
            },
            {
              "status": "affected",
              "version": "6.1.36"
            },
            {
              "status": "affected",
              "version": "6.1.42"
            },
            {
              "status": "affected",
              "version": "6.2.1"
            },
            {
              "status": "affected",
              "version": "6.2.2"
            },
            {
              "status": "affected",
              "version": "6.2.3"
            },
            {
              "status": "affected",
              "version": "6.2.25"
            },
            {
              "status": "affected",
              "version": "6.2.11"
            },
            {
              "status": "affected",
              "version": "6.3.2"
            },
            {
              "status": "affected",
              "version": "6.3.3"
            },
            {
              "status": "affected",
              "version": "6.3.15"
            },
            {
              "status": "affected",
              "version": "6.4.1"
            },
            {
              "status": "affected",
              "version": "6.4.2"
            },
            {
              "status": "affected",
              "version": "6.4.3"
            },
            {
              "status": "affected",
              "version": "6.5.1"
            },
            {
              "status": "affected",
              "version": "6.5.2"
            },
            {
              "status": "affected",
              "version": "6.5.3"
            },
            {
              "status": "affected",
              "version": "6.5.25"
            },
            {
              "status": "affected",
              "version": "6.5.26"
            },
            {
              "status": "affected",
              "version": "6.5.28"
            },
            {
              "status": "affected",
              "version": "6.5.29"
            },
            {
              "status": "affected",
              "version": "6.5.32"
            },
            {
              "status": "affected",
              "version": "6.5.33"
            },
            {
              "status": "affected",
              "version": "6.6.2"
            },
            {
              "status": "affected",
              "version": "6.6.3"
            },
            {
              "status": "affected",
              "version": "6.6.25"
            },
            {
              "status": "affected",
              "version": "6.6.4"
            },
            {
              "status": "affected",
              "version": "7.0.1"
            },
            {
              "status": "affected",
              "version": "7.0.2"
            },
            {
              "status": "affected",
              "version": "7.0.12"
            },
            {
              "status": "affected",
              "version": "7.0.14"
            },
            {
              "status": "affected",
              "version": "7.1.1"
            },
            {
              "status": "affected",
              "version": "7.1.15"
            },
            {
              "status": "affected",
              "version": "7.1.2"
            },
            {
              "status": "affected",
              "version": "7.1.3"
            },
            {
              "status": "affected",
              "version": "6.7.1"
            },
            {
              "status": "affected",
              "version": "6.7.2"
            },
            {
              "status": "affected",
              "version": "6.7.3"
            },
            {
              "status": "affected",
              "version": "6.7.4"
            },
            {
              "status": "affected",
              "version": "7.2.0"
            },
            {
              "status": "affected",
              "version": "7.2.1"
            },
            {
              "status": "affected",
              "version": "7.2.2"
            },
            {
              "status": "affected",
              "version": "7.3.1"
            },
            {
              "status": "affected",
              "version": "7.3.15"
            },
            {
              "status": "affected",
              "version": "7.3.2"
            },
            {
              "status": "affected",
              "version": "7.3.3"
            },
            {
              "status": "affected",
              "version": "7.3.5"
            },
            {
              "status": "affected",
              "version": "7.4.1"
            },
            {
              "status": "affected",
              "version": "7.4.2"
            },
            {
              "status": "affected",
              "version": "6.8.1"
            },
            {
              "status": "affected",
              "version": "6.8.2"
            },
            {
              "status": "affected",
              "version": "7.5.1"
            },
            {
              "status": "affected",
              "version": "7.5.3"
            },
            {
              "status": "affected",
              "version": "7.5.2"
            },
            {
              "status": "affected",
              "version": "7.5.4"
            },
            {
              "status": "affected",
              "version": "7.6.1"
            },
            {
              "status": "affected",
              "version": "7.6.2"
            },
            {
              "status": "affected",
              "version": "7.7.1"
            },
            {
              "status": "affected",
              "version": "7.7.2"
            },
            {
              "status": "affected",
              "version": "7.7.21"
            },
            {
              "status": "affected",
              "version": "6.9.1"
            },
            {
              "status": "affected",
              "version": "6.9.2"
            },
            {
              "status": "affected",
              "version": "7.8.1"
            },
            {
              "status": "affected",
              "version": "7.8.2"
            },
            {
              "status": "affected",
              "version": "7.9.1"
            },
            {
              "status": "affected",
              "version": "7.9.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\r\n\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-07T19:50:10.951Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
        "defects": [
          "CSCvz63925",
          "CSCvz63918",
          "CSCwe12502",
          "CSCvz63929",
          "CSCwi31568",
          "CSCwh78724",
          "CSCwi26526",
          "CSCwh70601",
          "CSCwh78727",
          "CSCwj83430",
          "CSCwj88475"
        ],
        "discovery": "INTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20236",
    "datePublished": "2023-09-13T16:39:19.418Z",
    "dateReserved": "2022-10-27T18:47:50.370Z",
    "dateUpdated": "2024-10-23T19:10:48.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34719
Vulnerability from cvelistv5
Published
2021-09-09 05:00
Modified
2024-11-07 22:00
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.125Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34719",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:43:13.784833Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:00:55.836Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:00:53",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxr-privescal-dZYMrKf",
        "defect": [
          [
            "CSCvx48004",
            "CSCvx48007"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34719",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.8",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxr-privescal-dZYMrKf",
          "defect": [
            [
              "CSCvx48004",
              "CSCvx48007"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34719",
    "datePublished": "2021-09-09T05:00:53.764430Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:00:55.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-0241
Vulnerability from cvelistv5
Published
2018-04-19 20:00
Modified
2024-11-29 15:16
Severity ?
Summary
A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxrx_refsource_CONFIRM
http://www.securitytracker.com/id/1040710vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/103929vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:21:13.891Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr"
          },
          {
            "name": "1040710",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040710"
          },
          {
            "name": "103929",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103929"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0241",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-29T14:38:36.573899Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-29T15:16:58.735Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco IOS XR"
            }
          ]
        }
      ],
      "datePublic": "2018-04-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-21T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr"
        },
        {
          "name": "1040710",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040710"
        },
        {
          "name": "103929",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103929"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0241",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco IOS XR"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr"
            },
            {
              "name": "1040710",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040710"
            },
            {
              "name": "103929",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103929"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0241",
    "datePublished": "2018-04-19T20:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-11-29T15:16:58.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34720
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpPvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.088Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34720",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:54:22.268217Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:00:49.116Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-771",
              "description": "CWE-771",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:01:03",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ipsla-ZA3SRrpP",
        "defect": [
          [
            "CSCvw32825",
            "CSCvw61840"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34720",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-771"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ipsla-ZA3SRrpP",
          "defect": [
            [
              "CSCvw32825",
              "CSCvw61840"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34720",
    "datePublished": "2021-09-09T05:01:03.855610Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:00:49.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20066
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9Vvendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.555Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230322 Cisco IOS XE Software Web UI Path Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20066",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-25T14:36:10.650206Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-25T16:02:41.984Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-23",
              "description": "CWE-23",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-23T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230322 Cisco IOS XE Software Web UI Path Traversal Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V"
        }
      ],
      "source": {
        "advisory": "cisco-sa-webui-pthtrv-es7GSb9V",
        "defect": [
          [
            "CSCwc76009"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE Software Web UI Path Traversal Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20066",
    "datePublished": "2023-03-23T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-25T16:02:41.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12231
Vulnerability from cvelistv5
Published
2017-09-28 07:00
Modified
2024-11-15 17:58
Severity ?
Summary
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.
References
http://www.securitytracker.com/id/1039449vdb-entry, x_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-natx_refsource_CONFIRM
http://www.securityfocus.com/bid/101039vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:28:16.883Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039449",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039449"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat"
          },
          {
            "name": "101039",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101039"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2017-12231",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T17:34:43.023495Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12231"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:58:19.069Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco IOS"
            }
          ]
        }
      ],
      "datePublic": "2017-09-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-29T09:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1039449",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039449"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat"
        },
        {
          "name": "101039",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101039"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12231",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco IOS"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039449",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039449"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat"
            },
            {
              "name": "101039",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101039"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12231",
    "datePublished": "2017-09-28T07:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-11-15T17:58:19.069Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-20049
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2024-10-28 16:33
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbTvendor-advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:57:35.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20230308 Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20049",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-28T16:24:40.994516Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-28T16:33:14.713Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software ",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2023-03-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-805",
              "description": "CWE-805",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-09T00:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20230308 Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT"
        }
      ],
      "source": {
        "advisory": "cisco-sa-bfd-XmRescbT",
        "defect": [
          [
            "CSCwc39336"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2023-20049",
    "datePublished": "2023-03-09T00:00:00",
    "dateReserved": "2022-10-27T00:00:00",
    "dateUpdated": "2024-10-28T16:33:14.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-26070
Vulnerability from cvelistv5
Published
2020-11-12 02:05
Modified
2024-11-13 17:40
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QYvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:49:06.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20201110 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-26070",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:12:05.316184Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T17:40:55.842Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-404",
              "description": "CWE-404",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-12T02:05:13",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20201110 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY"
        }
      ],
      "source": {
        "advisory": "cisco-sa-xr-cp-dos-ej8VB9QY",
        "defect": [
          [
            "CSCvv09115"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-11-10T16:00:00",
          "ID": "CVE-2020-26070",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-404"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20201110 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-xr-cp-dos-ej8VB9QY",
          "defect": [
            [
              "CSCvv09115"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-26070",
    "datePublished": "2020-11-12T02:05:13.841123Z",
    "dateReserved": "2020-09-24T00:00:00",
    "dateUpdated": "2024-11-13T17:40:55.842Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-3118
Vulnerability from cvelistv5
Published
2020-02-05 17:40
Modified
2024-11-08 16:12
Severity ?
8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rcevendor-advisory, x_refsource_CISCO
http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:24:00.571Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200205 Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3118",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T16:12:28.712809Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3118"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T16:12:42.862Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.6.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-02-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-134",
              "description": "CWE-134",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-05T18:06:04",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200205 Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200205-iosxr-cdp-rce",
        "defect": [
          [
            "CSCvr09190"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-02-05T16:00:00-0800",
          "ID": "CVE-2020-3118",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.6.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.8",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-134"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200205 Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce"
            },
            {
              "name": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200205-iosxr-cdp-rce",
          "defect": [
            [
              "CSCvr09190"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3118",
    "datePublished": "2020-02-05T17:40:16.080703Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-08T16:12:42.862Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-20848
Vulnerability from cvelistv5
Published
2022-09-30 18:45
Modified
2024-11-01 18:50
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNzvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T02:24:49.940Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20220928 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-20848",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-01T18:43:52.111733Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-01T18:50:52.282Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2022-09-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-30T18:45:59",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20220928 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz"
        }
      ],
      "source": {
        "advisory": "cisco-sa-wlc-udp-dos-XDyEwhNz",
        "defect": [
          [
            "CSCwb18118"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2022-09-28T23:00:00",
          "ID": "CVE-2022-20848",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "8.6",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20220928 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-wlc-udp-dos-XDyEwhNz",
          "defect": [
            [
              "CSCwb18118"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2022-20848",
    "datePublished": "2022-09-30T18:45:59.665856Z",
    "dateReserved": "2021-11-02T00:00:00",
    "dateUpdated": "2024-11-01T18:50:52.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-34713
Vulnerability from cvelistv5
Published
2021-09-09 05:00
Modified
2024-11-07 22:01
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFDvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:19:48.108Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210908 Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-34713",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T21:40:45.646027Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T22:01:10.190Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-09T05:00:33",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210908 Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD"
        }
      ],
      "source": {
        "advisory": "cisco-sa-npspin-QYpwdhFD",
        "defect": [
          [
            "CSCvq33187"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00",
          "ID": "CVE-2021-34713",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210908 Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-npspin-QYpwdhFD",
          "defect": [
            [
              "CSCvq33187"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-34713",
    "datePublished": "2021-09-09T05:00:33.935977Z",
    "dateReserved": "2021-06-15T00:00:00",
    "dateUpdated": "2024-11-07T22:01:10.190Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-16018
Vulnerability from cvelistv5
Published
2020-01-26 04:30
Modified
2024-11-15 17:46
Severity ?
7.4 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes’ status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routesvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:03:32.796Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200122 Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-16018",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-15T16:30:06.960997Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-15T17:46:42.156Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "n/a",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-01-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes\u0026rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-399",
              "description": "CWE-399",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-26T04:30:47",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200122 Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20200122-ios-xr-routes",
        "defect": [
          [
            "CSCvr74902"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-01-22T16:00:00-0800",
          "ID": "CVE-2019-16018",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes\u0026rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200122 Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20200122-ios-xr-routes",
          "defect": [
            [
              "CSCvr74902"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-16018",
    "datePublished": "2020-01-26T04:30:48.072294Z",
    "dateReserved": "2019-09-06T00:00:00",
    "dateUpdated": "2024-11-15T17:46:42.156Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-1909
Vulnerability from cvelistv5
Published
2019-07-06 01:20
Modified
2024-11-21 19:19
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:35:52.025Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20190703 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1909",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T18:57:54.713683Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T19:19:47.050Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XR Software",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "6.4.2",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-07-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-06T01:20:14",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20190703 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190703-iosxr-bgp-dos",
        "defect": [
          [
            "CSCvo90073"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-07-03T16:00:00-0700",
          "ID": "CVE-2019-1909",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XR Software",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "6.4.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190703 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190703-iosxr-bgp-dos",
          "defect": [
            [
              "CSCvo90073"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1909",
    "datePublished": "2019-07-06T01:20:14.693033Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-21T19:19:47.050Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2023-03-09 22:15
Modified
2024-11-21 07:40
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5FqVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5FqVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xrv_9000 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco nc57-18dd-se -
cisco nc57-24dd -
cisco nc57-36h-se -
cisco nc57-36h6d-s -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ncs_57b1-5dse-sys -
cisco ncs_57b1-6d24-sys -
cisco ncs_57c1-48q6-sys -
cisco ncs_57c3-mod-sys -
cisco ncs_57c3-mods-sys -
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ncs_6000 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8E6CEEB-0908-4884-A51E-000000DE5E92",
              "versionEndExcluding": "7.9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "FAE7AE4D-73A6-4179-80DA-2219563928E1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FF7BDEE-8351-4CE3-BEAD-42C8767E0BF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "A5266F35-6886-4CF1-81DB-25626A0A26A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25F4932-6940-4934-B110-577417B93948",
              "versionEndExcluding": "7.6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nc57-18dd-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98728BD8-C11B-413D-8C8A-052661A608AA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nc57-24dd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B61EB0-E121-4899-9504-269CE4E7E3EB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nc57-36h-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6811F99A-F96F-4B26-AF68-DC1A8C3B65E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nc57-36h6d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "560B88A5-3716-43AB-A094-063293EF6509",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EEDD1C-25BC-4AFA-AF60-66DE36927528",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD3B06B-864E-4A35-B0C3-1654390022D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD1B4F37-5AAA-4F40-8865-226289CB5CEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "355F78C3-C07F-48C3-9B6E-55714EAA7331",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F06B5D-6CE8-42C3-8760-89B4EF1FFC21",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3FBC1F6-F523-485A-A466-B6DBA15E6537",
              "versionEndExcluding": "7.7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C15E168-11DA-4219-B689-78BC48935263",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device."
    }
  ],
  "id": "CVE-2023-20064",
  "lastModified": "2024-11-21T07:40:28.087",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 3.6,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-09T22:15:52.277",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-862"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-09-13 17:15
Modified
2024-11-21 07:40
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgBVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgBVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco 8201 -
cisco 8202 -
cisco 8208 -
cisco 8212 -
cisco 8218 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_4009 -
cisco ncs_4016 -
cisco ncs_4201 -
cisco ncs_4202 -
cisco ncs_4206 -
cisco ncs_4216 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5504 -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ncs_57b1-5dse-sys -
cisco ncs_57b1-6d24-sys -
cisco ncs_57c1-48q6-sys -
cisco ncs_57c3-mod-sys -
cisco ncs_57c3-mods-sys -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F31C819-2725-4295-8FF3-BA00A7A6BE92",
              "versionEndExcluding": "7.10.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34DAD43-0C95-4830-8078-EFE3E6C0A930",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46F5CBF0-7F55-44C0-B321-896BDBA22679",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D381E343-416F-42AF-A780-D330954F238F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2514A1-486C-40F7-8746-56E2B973CBE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41C5ECF8-EFFE-4C27-8DCB-2533BFD5200F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68C23248-3D61-4BAF-9602-BA31FB4374DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C36494B4-8E2D-4399-97B5-725792BD5C45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0819EF17-5102-45FF-96AD-85BE17FD6921",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D686F339-9406-4ADF-B124-C815D43E4CAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "603980FE-9865-4A71-A37C-A90B7F3B72D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AC4E089-296D-4C19-BF21-DDF2501DD77C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13EEDD1C-25BC-4AFA-AF60-66DE36927528",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD3B06B-864E-4A35-B0C3-1654390022D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD1B4F37-5AAA-4F40-8865-226289CB5CEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "355F78C3-C07F-48C3-9B6E-55714EAA7331",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F06B5D-6CE8-42C3-8760-89B4EF1FFC21",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\r\n\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de arranque iPXE del software Cisco IOS XR podr\u00eda permitir que un atacante local autenticado instale una imagen de software no verificada en un dispositivo afectado. Esta vulnerabilidad se debe a una verificaci\u00f3n de imagen insuficiente. Un atacante podr\u00eda aprovechar esta vulnerabilidad manipulando los par\u00e1metros de arranque para la verificaci\u00f3n de im\u00e1genes durante el proceso de arranque iPXE en un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante iniciar una imagen de software no verificada en el dispositivo afectado."
    }
  ],
  "id": "CVE-2023-20236",
  "lastModified": "2024-11-21T07:40:57.700",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-09-13T17:15:09.607",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-347"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-345"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la CLI de Cisco IOS XR Software podr\u00edan permitir a un atacante local autenticado con una cuenta de bajo privilegio elevar los privilegios en un dispositivo afectado. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Details de este aviso"
    }
  ],
  "id": "CVE-2021-34728",
  "lastModified": "2024-11-21T06:11:03.867",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:11.870",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9VVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9VVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 16.12.3
cisco ios_xe 17.3.2
cisco ios_xe 17.6.2
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200 -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300 -
cisco catalyst_ie3300_rugged_switch -
cisco catalyst_ie3400 -
cisco catalyst_ie3400_heavy_duty_switch -
cisco catalyst_ie3400_rugged_switch -
cisco catalyst_ie9300 -
cisco cbr-8 -
cisco cg418-e -
cisco cg522-e -
cisco esr6300 -
cisco ess-3300-24t-con-a -
cisco ess-3300-24t-con-e -
cisco ess-3300-24t-ncp-a -
cisco ess-3300-24t-ncp-e -
cisco ess-3300-con-a -
cisco ess-3300-con-e -
cisco ess-3300-ncp-a -
cisco ess-3300-ncp-e -
cisco ess9300-10x-e -
cisco integrated_services_virtual_router -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2514A1-486C-40F7-8746-56E2B973CBE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C3816C-95F4-443C-9C79-72F0251528F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542244A0-300C-4630-812A-BF45F61E38DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "917B52DF-4210-4DD6-97EF-8A033497A954",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E673A75F-EFF8-4591-8E0F-A21083563DBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "515CD97F-DDBD-4F75-A6DB-646890A30B32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E181FC9-6790-4C12-874F-67252B6879BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE110B5-CC6E-4103-9983-4195BCC28165",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97DDC45-ABD1-4C8F-A249-0865345637A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE4D129-435B-45DD-838D-4017BD94DF93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "456C68A8-F3C8-4302-B55A-134979B42045",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C6733C-F77B-4688-B051-C1557F4D8D41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31608C12-FBED-4EAD-96EC-48BC4B356B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D989205A-0576-415C-935E-E83AD42FD1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C3EB40-574A-48F7-A679-90F62ED976B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CC6206-DF19-4636-84C2-8912E443D122",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85489F69-EAF0-4971-8C93-36838A8AA00E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA179D79-07E7-4721-85BB-0C740B516B1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA59279-3504-417D-9E86-E5886EE198BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA55A5-4E73-4187-96BE-08E04F2C7659",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86879AC0-890E-42F4-9561-6851F38FE0AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cbr-8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB77D0EC-A448-4D97-8EB0-EA4956549A52",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cg418-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C054973-91D8-439F-960F-02BF12A50632",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cg522-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79252E00-2D94-44AA-8601-E4AB4EA38A76",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D19136-4ECB-437F-BA8A-E2FE35A39BF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-con-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C98B90-69B3-4BDF-A569-4C102498BFAD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-con-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7646B0A1-FDF5-4A60-A451-E84CE355302E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-ncp-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA889066-14A8-4D88-9EFF-582FE1E65108",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-ncp-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0C09AE-CD2A-486A-82D4-2F26AA6B6B95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-con-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF81CC0-AEED-42DE-B423-8F4E118680BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-con-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAAFDF1-7A3C-475F-AE82-B3194939D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-ncp-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9566FC8C-0357-4780-976F-8A68E6A7D24A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-ncp-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07503D21-965B-49F0-B8F2-B5ECD656F277",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess9300-10x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "880B8176-B30D-443E-B5F1-1769B65978C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5361C70A-C036-4254-9698-BC58F48C465B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem."
    }
  ],
  "id": "CVE-2023-20066",
  "lastModified": "2024-11-21T07:40:28.413",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-23T17:15:14.547",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-23"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la implementaci\u00f3n de la funcionalidad Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podr\u00edan permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualizaci\u00f3n de BGP que contienen atributos EVPN dise\u00f1ados. Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de mensajes de actualizaci\u00f3n de BGP EVPN con atributos malformados para ser procesados ??por un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condici\u00f3n DoS. La implementaci\u00f3n de Cisco de BGP acepta el tr\u00e1fico de BGP entrante solo desde peers definidos expl\u00edcitamente. Para explotar estas vulnerabilidades, el mensaje de actualizaci\u00f3n de BGP malicioso necesitar\u00eda venir desde un peer de BGP v\u00e1lido y configurado, o necesitar\u00eda ser inyectado por parte del atacante en la red de BGP de la v\u00edctima en una conexi\u00f3n TCP v\u00e1lida y existente a un peer de BGP."
    }
  ],
  "id": "CVE-2019-16020",
  "lastModified": "2024-11-21T04:29:56.430",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-26T05:15:16.053",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
ykramarz@cisco.comhttp://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rceVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rceVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr 6.5.3
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540-12z20g-sys-a -
cisco ncs_540-12z20g-sys-d -
cisco ncs_540-24z8q2c-sys -
cisco ncs_540-28z4c-sys-a -
cisco ncs_540-28z4c-sys-d -
cisco ncs_540-acc-sys -
cisco ncs_540x-12z16g-sys-a -
cisco ncs_540x-12z16g-sys-d -
cisco ncs_540x-16z4g8q2c-a -
cisco ncs_540x-16z4g8q2c-d -
cisco ncs_540x-acc-sys -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 5.2.5
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr 6.4.2
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco crs-x -
cisco ios_xr 6.6.25
cisco ncs_560 -
cisco ios_xr 7.0.1
cisco ncs_540l -


To clipboard 

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS XR Software Discovery Protocol Format String Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "024D2B99-34D5-48B0-AFD6-114200D154E5",
              "versionEndExcluding": "6.6.12",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00AFC058-2750-4A6F-B321-DF159214FCA5",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5494B4B-0BB4-48AE-8B0D-04DE649F9313",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A0C835-6C98-4AB6-89FF-C27117BB6B12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "395F25CD-FDF5-48D7-A048-A6B4F4779EC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "124CE49C-1C2B-40A5-8F59-7A223766E12F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83F3D33-0674-4F74-AEA9-BC824D8536F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "784A450D-8DCA-43E5-8044-A9F2363FB006",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92E88ED4-C2AF-407C-A395-3D7806D68758",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "871D84C5-71EE-4B82-A48C-A1CC68DA332A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62F5E007-0CB6-424C-9AE8-01618C8C44E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de Cisco Discovery Protocol para Cisco IOS XR Software, podr\u00eda permitir a un atacante adyacente no autenticado ejecutar c\u00f3digo arbitrario o causar una recarga sobre un dispositivo afectado. La vulnerabilidad es debido a la comprobaci\u00f3n inapropiada de la entrada de cadena de determinados campos en los mensajes de Cisco Discovery Protocol. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar un desbordamiento del b\u00fafer de la pila, lo que podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario con privilegios administrativos sobre un dispositivo afectado. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusi\u00f3n que el dispositivo afectado (Capa 2 adyacente)."
    }
  ],
  "id": "CVE-2020-3118",
  "lastModified": "2024-11-21T05:30:21.770",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-05T18:15:10.907",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-134"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-08-15 20:29
Modified
2024-11-21 03:38
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/105185Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1041538Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/105185Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041538Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C849A02-E9C9-455A-8F4F-1562169183E2",
              "versionEndIncluding": "6.3.3_base",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el paquete de caracter\u00edsticas Local Packet Transport Services (LPTS) de Cisco ASR 9000 Series Aggregation Services Router Software podr\u00eda permitir que un atacante remoto no autenticado cree una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a la falta de comprobaciones de entradas y validaci\u00f3n en cierto tr\u00e1fico entrante PTP (Precision Time Protocol) en un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando tr\u00e1fico mal formado en un dispositivo afectado. Si se explota con \u00e9xito, podr\u00eda permitir que el atacante consiga que los servicios del dispositivo se reinicien, provocando una denegaci\u00f3n de servicio (DoS). Cisco Bug IDs: CSCvj22858."
    }
  ],
  "id": "CVE-2018-0418",
  "lastModified": "2024-11-21T03:38:11.260",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-08-15T20:29:01.017",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105185"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041538"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041538"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
              "versionEndExcluding": "7.3.2",
              "versionStartIncluding": "7.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la CLI de Cisco IOS XR Software podr\u00edan permitir a un atacante local autenticado conseguir acceso al shell root subyacente de un dispositivo afectado y ejecutar comandos arbitrario con privilegios de root. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Details de este aviso"
    }
  ],
  "id": "CVE-2021-34722",
  "lastModified": "2024-11-21T06:11:02.993",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:11.770",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim\u0026rsquo;s BGP network on an existing, valid TCP connection to a BGP peer."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad Border Gateway Protocol (BGP) en Cisco IOS XR Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al procesamiento incorrecto de un mensaje de actualizaci\u00f3n BGP que contiene un atributo BGP espec\u00edfico. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de mensajes de actualizaci\u00f3n de BGP que incluyan un atributo espec\u00edfico con malformaci\u00f3n para que un sistema afectado lo procese. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condici\u00f3n DoS. La implementaci\u00f3n de Cisco de BGP acepta el tr\u00e1fico de BGP entrante solo desde peers definidos expl\u00edcitamente. Para explotar esta vulnerabilidad, el mensaje de actualizaci\u00f3n de BGP malicioso necesitar\u00eda venir de un peer BGP v\u00e1lido y configurado o el atacante deber\u00eda inyectarlo en la red BGP victim\u2019s en una conexi\u00f3n TCP v\u00e1lida existente a un peer BGP."
    }
  ],
  "id": "CVE-2019-15989",
  "lastModified": "2024-11-21T04:29:52.940",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-26T05:15:13.567",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-09-04 03:15
Modified
2024-11-21 05:31
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqvVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqvVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A42D395-5212-4A00-BE32-6D806D032E67",
              "versionEndExcluding": "7.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la asignaci\u00f3n del grupo de tareas para un comando de la CLI espec\u00edfico en Cisco IOS XR Software podr\u00eda permitir a un atacante local autenticado ejecutar ese comando, aunque deber\u00edan ser requeridos privilegios administrativos. El atacante debe tener credenciales v\u00e1lidas en el dispositivo afectado. La vulnerabilidad es debido a una asignaci\u00f3n incorrecta en el c\u00f3digo fuente de las asignaciones de grupos de tareas para un comando espec\u00edfico. Un atacante podr\u00eda explotar esta vulnerabilidad mediante la emisi\u00f3n del comando, que no deber\u00eda estar autorizado para emitir, en un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante invalidar la integridad del disco y causar que el dispositivo se reinicie. Esta vulnerabilidad podr\u00eda permitir a un usuario con permisos de lectura emitir un comando espec\u00edfico que requerir\u00eda privilegios de Administrador"
    }
  ],
  "id": "CVE-2020-3530",
  "lastModified": "2024-11-21T05:31:15.670",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 5.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 7.8,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 5.8,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 5.8,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-04T03:15:10.620",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpPVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpPVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
              "versionEndExcluding": "6.2.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D19A362A-DF30-4B02-832E-FB5389C9400E",
              "versionEndExcluding": "6.3.2",
              "versionStartIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
              "versionEndExcluding": "7.2.2",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en las funciones de respuesta de los Acuerdos de Nivel de Servicio IP (IP SLA) y del Protocolo de Medici\u00f3n Activa de Dos V\u00edas (TWAMP) de Cisco IOS XR Software podr\u00eda permitir a un atacante remoto no autenticado causar el agotamiento de la memoria de paquetes del dispositivo o causar el bloqueo del proceso IP SLA, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad Se presenta porque los fallos en la creaci\u00f3n de sockets son manejados inapropiadamente durante los procesos IP SLA y TWAMP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes espec\u00edficos de IP SLA o TWAMP a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar la memoria de paquetes, lo que afectar\u00eda a otros procesos, como los protocolos de enrutamiento, o bloquear\u00eda el proceso IP SLA"
    }
  ],
  "id": "CVE-2021-34720",
  "lastModified": "2024-11-21T06:11:02.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:11.463",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-771"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-11-12 02:15
Modified
2024-11-21 05:19
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QYVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QYVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "413EC528-53D8-4E5C-9137-84D9F337B420",
              "versionEndExcluding": "6.7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF281839-E74A-4BCB-ADFA-44D7C47D3B1A",
              "versionEndExcluding": "7.1.2",
              "versionStartIncluding": "7.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de procesamiento de paquetes de entrada de Cisco IOS XR Software para Cisco ASR 9000 Series Aggregation Services Routers, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una asignaci\u00f3n inapropiada de recursos cuando un dispositivo afectado procesa el tr\u00e1fico de red en modo de switching de software (punteado).\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de secuencias espec\u00edficas de unidades de datos de protocolo (PDU) de capa 2 o capa 3 hacia un dispositivo afectado.\u0026#xa0;Un explotaci\u00f3n con \u00e9xito podr\u00eda causar a un dispositivo afectado quedarse sin recursos de b\u00fafer, que podr\u00eda hacer que el dispositivo se inhabilite para procesar o reenviar el tr\u00e1fico, resultando en una condici\u00f3n DoS.\u0026#xa0;El dispositivo deber\u00e1 ser reiniciado para recuperar la funcionalidad"
    }
  ],
  "id": "CVE-2020-26070",
  "lastModified": "2024-11-21T05:19:10.127",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-12T02:15:11.057",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-404"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-404"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLUVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLUVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs540-12z20g-sys-a -
cisco ncs540-12z20g-sys-d -
cisco ncs540-24z8q2c-m -
cisco ncs540-24z8q2c-sys -
cisco ncs540-28z4c-sys-a -
cisco ncs540-28z4c-sys-d -
cisco ncs540-acc-sys -
cisco ncs540x-12z16g-sys-a -
cisco ncs540x-12z16g-sys-d -
cisco ncs540x-16z4g8q2c-a -
cisco ncs540x-16z4g8q2c-d -
cisco ncs540x-acc-sys -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
              "versionEndIncluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
              "versionEndIncluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs540-12z20g-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D6DAA03-40D2-4E64-A2D8-2C29F7F5B51F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540-12z20g-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D87B5470-C088-447F-8A53-E07F2A80E9AA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540-24z8q2c-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "760121F2-7128-4C2B-961E-323D8ADE888D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540-24z8q2c-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A24675D-E2B3-4590-8789-45577F84D0B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540-28z4c-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "047309D8-E0FE-4E81-A437-AB7EB5467CA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540-28z4c-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D84DCABD-B4B0-4045-9232-52CD467BF542",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540-acc-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA35DB5-1999-474C-822F-8633907E798D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39300366-9456-469D-82A9-281FDFBA7786",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "479D87C4-928E-4C62-8D1C-26F30E62506B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E975789-90AB-4235-96EA-08D4A6C2C39E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CDF2D04-55AC-4C99-A85A-5728BF989A06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs540x-acc-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "117666A3-31D1-4318-BAB4-C5FCF80B9AAB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de servidor DHCP versi\u00f3n 4 (DHCPv4) de Cisco IOS XR Software podr\u00eda permitir a un atacante remoto no autenticado desencadenar un bloqueo del proceso dhcpd, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se presenta porque determinados mensajes DHCPv4 se comprueban inapropiadamente cuando son procesados por un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un mensaje DHCPv4 malformado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una desreferencia del puntero NULL, resultando en un bloqueo del proceso dhcpd. Mientras el proceso dhcpd se reinicia, lo que puede tardar hasta aproximadamente dos minutos, los servicios del servidor DHCPv4 no est\u00e1n disponibles en el dispositivo afectado. Esto podr\u00eda impedir temporalmente el acceso a la red a los clientes que se unan a ella durante ese periodo de tiempo. Nota: S\u00f3lo el proceso dhcpd se bloquea y finalmente se reinicia autom\u00e1ticamente. El router no se recarga"
    }
  ],
  "id": "CVE-2021-34737",
  "lastModified": "2024-11-21T06:11:05.107",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:11.963",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-09-25 21:15
Modified
2024-11-21 04:23
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privescVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privescVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "89C81A91-832E-46D1-AA24-076D5AC0F5B2",
              "versionEndExcluding": "6.5.3",
              "versionStartIncluding": "5.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AAA1E0-9972-4EA3-BF54-BAB06CC02992",
              "versionEndExcluding": "6.6.2",
              "versionStartIncluding": "6.6.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en un comando de la CLI relacionado con el virtualization manager (VMAN) en el Software Cisco IOS XR, para Cisco ASR 9000 Series Aggregation Services Routers, podr\u00eda permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios root. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los argumentos pasados ??a un comando espec\u00edfico de la CLI de VMAN en un dispositivo afectado. Un atacante que tenga acceso v\u00e1lido de administrador a un dispositivo afectado podr\u00eda explotar esta vulnerabilidad mediante la inclusi\u00f3n de entradas maliciosas como argumento de un comando afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios root, lo que puede conllevar a un compromiso total del sistema."
    }
  ],
  "id": "CVE-2019-12709",
  "lastModified": "2024-11-21T04:23:24.713",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-09-25T21:15:11.873",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNzVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNzVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 17.6.1
cisco ios_xe 17.6.3
cisco ios_xe 17.9.1
cisco 1000_integrated_services_router -
cisco 1100-4g\/6g_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 3000_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr-920-10sz-pd -
cisco asr-920-12cz-a -
cisco asr-920-12cz-d -
cisco asr-920-12sz-a -
cisco asr-920-12sz-d -
cisco asr-920-12sz-im -
cisco asr-920-12sz-im-cc -
cisco asr-920-20sz-m -
cisco asr-920-24sz-im -
cisco asr-920-24sz-m -
cisco asr-920-24tz-im -
cisco asr-920-24tz-m -
cisco asr-920-4sz-a -
cisco asr-920-4sz-d -
cisco asr-9901-rp -
cisco asr_1000 -
cisco asr_1000-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-10sz-pd_router -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-a_router -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12cz-d_router -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-12sz-im_router -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-im_router -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24sz-m_router -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-24tz-m_router -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-a_router -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920-4sz-d_router -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco asr1000-2t\+20x1ge -
cisco asr1000-6tge -
cisco asr1000-esp200 -
cisco asr1000-mip100 -
cisco asr1000-rp3 -
cisco asr1001-hx -
cisco asr1001-hx-rf -
cisco asr1001-x -
cisco asr1001-x-rf -
cisco asr1001-x-ws -
cisco asr1002-hx -
cisco asr1002-hx-rf -
cisco asr1002-hx-ws -
cisco asr1002-x -
cisco asr1002-x-rf -
cisco asr1002-x-ws -
cisco catalyst_3650 -
cisco catalyst_3650-12x48fd-e -
cisco catalyst_3650-12x48fd-l -
cisco catalyst_3650-12x48fd-s -
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48uq-e -
cisco catalyst_3650-12x48uq-l -
cisco catalyst_3650-12x48uq-s -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48ur-e -
cisco catalyst_3650-12x48ur-l -
cisco catalyst_3650-12x48ur-s -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-12x48uz-e -
cisco catalyst_3650-12x48uz-l -
cisco catalyst_3650-12x48uz-s -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pd-e -
cisco catalyst_3650-24pd-l -
cisco catalyst_3650-24pd-s -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-24pdm-e -
cisco catalyst_3650-24pdm-l -
cisco catalyst_3650-24pdm-s -
cisco catalyst_3650-24ps-e -
cisco catalyst_3650-24ps-l -
cisco catalyst_3650-24ps-s -
cisco catalyst_3650-24td-e -
cisco catalyst_3650-24td-l -
cisco catalyst_3650-24td-s -
cisco catalyst_3650-24ts-e -
cisco catalyst_3650-24ts-l -
cisco catalyst_3650-24ts-s -
cisco catalyst_3650-48fd-e -
cisco catalyst_3650-48fd-l -
cisco catalyst_3650-48fd-s -
cisco catalyst_3650-48fq -
cisco catalyst_3650-48fq-e -
cisco catalyst_3650-48fq-l -
cisco catalyst_3650-48fq-s -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-48fqm-e -
cisco catalyst_3650-48fqm-l -
cisco catalyst_3650-48fqm-s -
cisco catalyst_3650-48fs-e -
cisco catalyst_3650-48fs-l -
cisco catalyst_3650-48fs-s -
cisco catalyst_3650-48pd-e -
cisco catalyst_3650-48pd-l -
cisco catalyst_3650-48pd-s -
cisco catalyst_3650-48pq-e -
cisco catalyst_3650-48pq-l -
cisco catalyst_3650-48pq-s -
cisco catalyst_3650-48ps-e -
cisco catalyst_3650-48ps-l -
cisco catalyst_3650-48ps-s -
cisco catalyst_3650-48td-e -
cisco catalyst_3650-48td-l -
cisco catalyst_3650-48td-s -
cisco catalyst_3650-48tq-e -
cisco catalyst_3650-48tq-l -
cisco catalyst_3650-48tq-s -
cisco catalyst_3650-48ts-e -
cisco catalyst_3650-48ts-l -
cisco catalyst_3650-48ts-s -
cisco catalyst_3650-8x24pd-e -
cisco catalyst_3650-8x24pd-l -
cisco catalyst_3650-8x24pd-s -
cisco catalyst_3650-8x24uq -
cisco catalyst_3650-8x24uq-e -
cisco catalyst_3650-8x24uq-l -
cisco catalyst_3650-8x24uq-s -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-80 -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_ie3200 -
cisco catalyst_ie3300 -
cisco catalyst_ie3400 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:3000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8C4D97-A430-45FB-9EF5-B6E4DBA1BD31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2514A1-486C-40F7-8746-56E2B973CBE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C3816C-95F4-443C-9C79-72F0251528F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542244A0-300C-4630-812A-BF45F61E38DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B83BED-5A49-4CF0-9827-AA291D01F60E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1E8937-51D9-43E6-876E-5D39AD3D32C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA7AE63-99B9-4F28-8670-639A9B31E494",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E858B4AB-49B1-4F1C-8722-6E6911194924",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D9ECE39-C111-412B-AF56-9B7435D98FE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "577D1BF2-5180-4301-941C-3C0ADDD23AA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-20sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60DFE60A-34C5-42C3-B539-57AAA9D4F684",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1B25F27-6527-46F8-9C1A-4B4F79F3E6C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE70CCD-6062-45D8-8566-7C9E237E030F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA3A897-ED4E-417F-BA6C-C1A825A210F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "375F9E12-A61B-4FD3-AE07-D4E686EB112A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D724F932-4548-429D-8CAA-E82C3435A194",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-9901-rp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE36709F-DCF2-428F-8746-9C5096182E87",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E673A75F-EFF8-4591-8E0F-A21083563DBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "515CD97F-DDBD-4F75-A6DB-646890A30B32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E181FC9-6790-4C12-874F-67252B6879BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE110B5-CC6E-4103-9983-4195BCC28165",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97DDC45-ABD1-4C8F-A249-0865345637A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8A748B-DDA9-4F0B-9AAA-F9A62BBC3DCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE4D129-435B-45DD-838D-4017BD94DF93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "456C68A8-F3C8-4302-B55A-134979B42045",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F681230-2530-4ED9-85E9-FE7A57FCF2F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C6733C-F77B-4688-B051-C1557F4D8D41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3D23C1-FE0E-4D33-9E89-07A4135E1360",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E598123-4AF8-44F6-BE87-9F62007FF658",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31608C12-FBED-4EAD-96EC-48BC4B356B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC28F05-20D0-4518-93FF-F254BA81E4B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D989205A-0576-415C-935E-E83AD42FD1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2BCA1C7-5642-4A2B-9E61-B141E70E098A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C3EB40-574A-48F7-A679-90F62ED976B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CC6206-DF19-4636-84C2-8912E443D122",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27ED272-FCA6-4002-93E1-EF0B89C84572",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85489F69-EAF0-4971-8C93-36838A8AA00E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD184DD-8774-4C18-BE53-BC6B133B01C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22F587F6-876D-4AE4-B6BD-ED50D47F5361",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA179D79-07E7-4721-85BB-0C740B516B1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "9FF5102C-3163-48F1-8D44-352D6715288D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D24BB4-6357-4BFC-A4CB-B33ECDEB3BEE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B1F849A-05BA-4CA2-96AA-F8DFD5E725A5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB060D83-2924-4D1D-9FEE-F8087FA8976D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CF4D0E5-FF09-4919-B603-B42DB535386C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22C36989-4353-4B81-8B0F-FC6322C1C179",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C24227E-9FF6-4757-A342-958CA4B8BF63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-hx-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E529335-18D1-4CEC-A8D5-CC1CA33D64F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3072DEFA-61D6-413F-97FD-F64C0E90155C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-x-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FBFB5C-347B-4F73-93BE-4D3137D8F93A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-x-ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F040372-CDAD-4AC4-9B7C-BFF9658B6BF2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33862F1-652A-4F60-BD3E-A6B3733E56A9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-hx-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "130205FD-CA31-4E49-B8C4-181840270C70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-hx-ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "908A56D8-64AF-4813-9D4D-C429C0603A31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03A2AA1C-7568-4BB6-BBD3-8E03D32CDA1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-x-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53DAF422-7E0B-44EB-AD8D-4643A9711739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-x-ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F7F661E-335C-4123-9363-E2E5D51846C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "592F67D5-344B-49AF-A277-1089A40AC2FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7434059A-25B8-4FAC-A756-6E571348B76E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2A5355-BF40-437C-8683-A7A81DEE362C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43F4B90E-3499-45D4-864D-18505E2149F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "858FEECF-CC69-4E68-8E8A-674643021964",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE5FCCFF-E491-474F-9B86-AB51D8244582",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39F250E-6A89-4537-BD31-1FB81734A9A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8904EAF5-25E7-4A6B-8117-1859F913B83B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A369CD35-1242-4556-A83D-BD69CC149CFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "784A1499-1F33-493D-B433-EB2550C03C19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A990D6-B748-4AFD-B924-1D19680BD3DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3818CC-8653-4A9E-A57B-950A15914D6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F331F13-5D05-4213-B442-D48D8E22287B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA32EA3F-946D-430D-B00F-939D828DD72C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D239A09C-34D2-4418-B538-03A1080B8479",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C84561E-DD99-4433-9EF2-083F7C300123",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39CD9189-6524-4157-B90E-FF6A81DE3599",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96269625-CB31-4850-872B-B2C1321B13B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "426B68A6-3A41-43DB-846F-AEFBA62E221B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C680534-C663-40B0-A4AA-7F292EE60FE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A528EC0-4650-4787-BE52-A588E7E38A31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53898E96-03D6-43A2-AE05-46C62464BD26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FA66D9-E465-406E-A95C-608A1BE34D74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1456B204-A2A5-4790-A684-7F50D692EC9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD10664-94D0-48C0-92EF-E8EA66841245",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E988448-36C9-47E0-9356-DA400EB824E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D067EF9-00DB-4979-B12E-55749059A083",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9FA300A-44B1-44EE-8111-C1296EB0B638",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28306B1-3DDE-4444-9784-522B3D2163EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9257D187-1F2D-40F4-8C87-78978DB56C3F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25AE251E-E99F-4546-85B0-C57834B040B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62FFCB9-4253-459B-9298-C252DA9177DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA59279-3504-417D-9E86-E5886EE198BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA55A5-4E73-4187-96BE-08E04F2C7659",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad de procesamiento UDP del software Cisco IOS XE para controladores inal\u00e1mbricos integrados en los puntos de acceso de la serie Catalyst 9100 podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido al procesamiento inapropiado de los datagramas UDP. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de datagramas UDP maliciosos a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar a el dispositivo recargarse, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20848",
  "lastModified": "2024-11-21T06:43:40.767",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-30T19:15:12.430",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:50
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
ykramarz@cisco.comhttp://www.securitytracker.com/id/1041790Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041790Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.0.1
cisco ios_xr 6.0.2
cisco ios_xr 6.1.1
cisco ios_xr 6.1.2
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.1
cisco ios_xr 6.2.2
cisco ios_xr 6.2.3
cisco ios_xr 6.4.1
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9BE8485-444F-45E2-BBBB-B69BF322FEB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87B6885-A267-439B-AE04-CBD950BEC205",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "52CC4093-80C1-4B0C-82D2-647C625FF42D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0235F415-F327-4914-8E2A-96334984797D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D093D77E-66E3-4659-820E-F7E03A51A83C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27A732BF-A723-48EA-AC0F-813CA5A2DB0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F517C60E-4580-486E-9A03-82A023755374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A29F9DD0-2FA4-463C-BF53-CFE351CB94DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad Border Gateway Protocol (BGP) de Cisco IOS XR Software podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a un procesamiento incorrecto de ciertos mensajes de actualizaci\u00f3n BGP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando mensajes de actualizaci\u00f3n BGP que incluyen un atributo espec\u00edfico mal formado para que sea procesado por un sistema afectado. Su explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante haga que el proceso BGP se reinicie inesperadamente, resultando en una denegaci\u00f3n de servicio (DoS). La implementaci\u00f3n de Cisco de BGP acepta el tr\u00e1fico BGP entrante solo desde peers definidos de forma expl\u00edcita. Para explotar esta vulnerabilidad, el mensaje de actualizaci\u00f3n BGP malicioso necesitar\u00eda provenir de un peer BGP v\u00e1lido y configurado o, por otro lado, necesitar\u00eda ser inyectado por el atacante4 en la red BGP de la v\u00edctima en una conexi\u00f3n existente TCP v\u00e1lida a un peer BGP."
    }
  ],
  "id": "CVE-2018-15428",
  "lastModified": "2024-11-21T03:50:46.520",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-10-05T14:29:11.543",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041790"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1041790"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la implementaci\u00f3n de la funcionalidad Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podr\u00edan permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualizaci\u00f3n de BGP que contienen atributos EVPN dise\u00f1ados. Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de mensajes de actualizaci\u00f3n de BGP EVPN con atributos malformados para ser procesados ??por un sistema afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condici\u00f3n DoS. La implementaci\u00f3n de Cisco de BGP acepta el tr\u00e1fico de BGP entrante solo desde peers definidos expl\u00edcitamente. Para explotar estas vulnerabilidades, el mensaje de actualizaci\u00f3n de BGP malicioso necesitar\u00eda venir desde un peer de BGP v\u00e1lido y configurado, o necesitar\u00eda ser inyectado por parte del atacante en la red de BGP de la v\u00edctima en una conexi\u00f3n TCP v\u00e1lida y existente a un peer de BGP."
    }
  ],
  "id": "CVE-2019-16022",
  "lastModified": "2024-11-21T04:29:56.730",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-26T05:15:16.193",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
              "versionEndIncluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
              "versionEndIncluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "Varias vulnerabilidades en la CLI de Cisco IOS XR Software podr\u00edan permitir a un atacante local autenticado conseguir acceso al shell root subyacente de un dispositivo afectado y ejecutar comandos arbitrario con privilegios de root. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Details de este aviso"
    }
  ],
  "id": "CVE-2021-34721",
  "lastModified": "2024-11-21T06:11:02.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:11.677",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPkVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPkVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 17.6.3
cisco ios_xe 17.11.1
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200 -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300 -
cisco catalyst_ie3300_rugged_switch -
cisco catalyst_ie3400 -
cisco catalyst_ie3400_heavy_duty_switch -
cisco catalyst_ie3400_rugged_switch -
cisco catalyst_ie9300 -
cisco cbr-8 -
cisco cg418-e -
cisco cg522-e -
cisco esr6300 -
cisco ess-3300-24t-con-a -
cisco ess-3300-24t-con-e -
cisco ess-3300-24t-ncp-a -
cisco ess-3300-24t-ncp-e -
cisco ess-3300-con-a -
cisco ess-3300-con-e -
cisco ess-3300-ncp-a -
cisco ess-3300-ncp-e -
cisco ess9300-10x-e -
cisco integrated_services_virtual_router -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2514A1-486C-40F7-8746-56E2B973CBE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C3816C-95F4-443C-9C79-72F0251528F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542244A0-300C-4630-812A-BF45F61E38DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "917B52DF-4210-4DD6-97EF-8A033497A954",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E673A75F-EFF8-4591-8E0F-A21083563DBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "515CD97F-DDBD-4F75-A6DB-646890A30B32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E181FC9-6790-4C12-874F-67252B6879BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE110B5-CC6E-4103-9983-4195BCC28165",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97DDC45-ABD1-4C8F-A249-0865345637A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE4D129-435B-45DD-838D-4017BD94DF93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "456C68A8-F3C8-4302-B55A-134979B42045",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C6733C-F77B-4688-B051-C1557F4D8D41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31608C12-FBED-4EAD-96EC-48BC4B356B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D989205A-0576-415C-935E-E83AD42FD1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C3EB40-574A-48F7-A679-90F62ED976B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CC6206-DF19-4636-84C2-8912E443D122",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85489F69-EAF0-4971-8C93-36838A8AA00E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA179D79-07E7-4721-85BB-0C740B516B1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA59279-3504-417D-9E86-E5886EE198BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA55A5-4E73-4187-96BE-08E04F2C7659",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86879AC0-890E-42F4-9561-6851F38FE0AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cbr-8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB77D0EC-A448-4D97-8EB0-EA4956549A52",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cg418-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C054973-91D8-439F-960F-02BF12A50632",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cg522-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79252E00-2D94-44AA-8601-E4AB4EA38A76",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D19136-4ECB-437F-BA8A-E2FE35A39BF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-con-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4C98B90-69B3-4BDF-A569-4C102498BFAD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-con-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7646B0A1-FDF5-4A60-A451-E84CE355302E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-ncp-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA889066-14A8-4D88-9EFF-582FE1E65108",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-24t-ncp-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0C09AE-CD2A-486A-82D4-2F26AA6B6B95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-con-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF81CC0-AEED-42DE-B423-8F4E118680BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-con-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDAAFDF1-7A3C-475F-AE82-B3194939D401",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-ncp-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9566FC8C-0357-4780-976F-8A68E6A7D24A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess-3300-ncp-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07503D21-965B-49F0-B8F2-B5ECD656F277",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess9300-10x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "880B8176-B30D-443E-B5F1-1769B65978C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5361C70A-C036-4254-9698-BC58F48C465B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. \r\n\r This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges."
    }
  ],
  "id": "CVE-2023-20065",
  "lastModified": "2024-11-21T07:40:28.227",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-23T17:15:14.393",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-08-29 16:15
Modified
2024-11-21 05:31
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.4.2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funcionalidad del Distance Vector Multicast Routing Protocol (DVMRP) de Cisco IOS XR Software, podr\u00eda permitir a un atacante remoto no autenticado agotar la memoria de proceso de un dispositivo afectado. La vulnerabilidad es debido a una gesti\u00f3n de cola insuficiente para los paquetes Internet Group Management Protocol (IGMP). Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico IGMP dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar la memoria, resultando en una inestabilidad de otros procesos. Estos procesos pueden incluir, pero no se limitan a, protocolos de enrutamiento interior y exterior. Cisco lanzar\u00e1 actualizaciones de software que abordan esta vulnerabilidad"
    }
  ],
  "id": "CVE-2020-3566",
  "lastModified": "2024-11-21T05:31:19.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-08-29T16:15:09.797",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-03-09 22:15
Modified
2024-11-21 07:40
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.
References
ykramarz@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbTVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbTVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr 7.7
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "873225C3-D2D1-41C0-9C75-016E53A7BBEB",
              "versionEndExcluding": "7.5.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "864E90A6-B93D-4213-85D8-A2D847848A9E",
              "versionEndExcluding": "7.6.2",
              "versionStartIncluding": "7.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C8039EF-44D6-4C19-A3B3-37B75FB8D640",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads."
    }
  ],
  "id": "CVE-2023-20049",
  "lastModified": "2024-11-21T07:40:26.213",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-09T22:15:52.200",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-805"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2024-11-21 03:09
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/101039Broken Link, Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1039449Broken Link, Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-natVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101039Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039449Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-natVendor Advisory
Impacted products
Vendor Product Version
cisco ios *
cisco 1100-4g\/6g_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4gltegb_integrated_services_router -
cisco 1100-4gltena_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100-lte_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1100_terminal_services_gateways -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 1801_integrated_service_router -
cisco 1802_integrated_service_router -
cisco 1803_integrated_service_router -
cisco 1811_integrated_service_router -
cisco 1812_integrated_service_router -
cisco 1841_integrated_service_router -
cisco 1861_integrated_service_router -
cisco 1905_integrated_services_router -
cisco 1906c_integrated_services_router -
cisco 1921_integrated_services_router -
cisco 1941_integrated_services_router -
cisco 1941w_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8208 -
cisco 8212 -
cisco 8218 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1002_fixed_router -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3650 -
cisco catalyst_3650-12x48fd-e -
cisco catalyst_3650-12x48fd-l -
cisco catalyst_3650-12x48fd-s -
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48uq-e -
cisco catalyst_3650-12x48uq-l -
cisco catalyst_3650-12x48uq-s -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48ur-e -
cisco catalyst_3650-12x48ur-l -
cisco catalyst_3650-12x48ur-s -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-12x48uz-e -
cisco catalyst_3650-12x48uz-l -
cisco catalyst_3650-12x48uz-s -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pd-e -
cisco catalyst_3650-24pd-l -
cisco catalyst_3650-24pd-s -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-24pdm-e -
cisco catalyst_3650-24pdm-l -
cisco catalyst_3650-24pdm-s -
cisco catalyst_3650-24ps-e -
cisco catalyst_3650-24ps-l -
cisco catalyst_3650-24ps-s -
cisco catalyst_3650-24td-e -
cisco catalyst_3650-24td-l -
cisco catalyst_3650-24td-s -
cisco catalyst_3650-24ts-e -
cisco catalyst_3650-24ts-l -
cisco catalyst_3650-24ts-s -
cisco catalyst_3650-48fd-e -
cisco catalyst_3650-48fd-l -
cisco catalyst_3650-48fd-s -
cisco catalyst_3650-48fq -
cisco catalyst_3650-48fq-e -
cisco catalyst_3650-48fq-l -
cisco catalyst_3650-48fq-s -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-48fqm-e -
cisco catalyst_3650-48fqm-l -
cisco catalyst_3650-48fqm-s -
cisco catalyst_3650-48fs-e -
cisco catalyst_3650-48fs-l -
cisco catalyst_3650-48fs-s -
cisco catalyst_3650-48pd-e -
cisco catalyst_3650-48pd-l -
cisco catalyst_3650-48pd-s -
cisco catalyst_3650-48pq-e -
cisco catalyst_3650-48pq-l -
cisco catalyst_3650-48pq-s -
cisco catalyst_3650-48ps-e -
cisco catalyst_3650-48ps-l -
cisco catalyst_3650-48ps-s -
cisco catalyst_3650-48td-e -
cisco catalyst_3650-48td-l -
cisco catalyst_3650-48td-s -
cisco catalyst_3650-48tq-e -
cisco catalyst_3650-48tq-l -
cisco catalyst_3650-48tq-s -
cisco catalyst_3650-48ts-e -
cisco catalyst_3650-48ts-l -
cisco catalyst_3650-48ts-s -
cisco catalyst_3650-8x24pd-e -
cisco catalyst_3650-8x24pd-l -
cisco catalyst_3650-8x24pd-s -
cisco catalyst_3650-8x24uq -
cisco catalyst_3650-8x24uq-e -
cisco catalyst_3650-8x24uq-l -
cisco catalyst_3650-8x24uq-s -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300_rugged_switch -


To clipboard 

{
  "cisaActionDue": "2022-03-24",
  "cisaExploitAdd": "2022-03-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE09220-EF68-4DFE-AA9C-E4F5508EDF3D",
              "versionEndIncluding": "15.6",
              "versionStartIncluding": "12.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_terminal_services_gateways:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9A4ED65-7DED-4EAD-BF37-FCA71E807CA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D5E48D7-2266-4649-90A9-62C476AFE6DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99581637-E184-4A02-8313-57C7C31E5479",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C6D4A90-31B9-4B6C-ADAC-44C49DB44115",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3AF3F75-0BD8-4AA6-B696-3624BEE86681",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C58CEA6-69F8-4021-98C9-4676C70AB167",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF156D97-7C39-49CF-9938-D9681066FF05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "459FEB4E-54E3-4FE5-82A5-6E4ECE855DD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1905_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "871AC0F6-5C01-43A1-8436-7885439BD81F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1DEFFA8-11A6-43CC-A886-DD38EFF22ACB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2147DBF8-B733-4F76-90C5-9D94F1E93625",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F42D5B4-BB07-4C9C-852F-0D839E9F2AA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9222CA59-F4FD-478D-83C9-566B389140B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34DAD43-0C95-4830-8078-EFE3E6C0A930",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46F5CBF0-7F55-44C0-B321-896BDBA22679",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D381E343-416F-42AF-A780-D330954F238F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C3816C-95F4-443C-9C79-72F0251528F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542244A0-300C-4630-812A-BF45F61E38DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "917B52DF-4210-4DD6-97EF-8A033497A954",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E673A75F-EFF8-4591-8E0F-A21083563DBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "515CD97F-DDBD-4F75-A6DB-646890A30B32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E181FC9-6790-4C12-874F-67252B6879BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE110B5-CC6E-4103-9983-4195BCC28165",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97DDC45-ABD1-4C8F-A249-0865345637A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE4D129-435B-45DD-838D-4017BD94DF93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "456C68A8-F3C8-4302-B55A-134979B42045",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C6733C-F77B-4688-B051-C1557F4D8D41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31608C12-FBED-4EAD-96EC-48BC4B356B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D989205A-0576-415C-935E-E83AD42FD1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C3EB40-574A-48F7-A679-90F62ED976B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CC6206-DF19-4636-84C2-8912E443D122",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85489F69-EAF0-4971-8C93-36838A8AA00E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA179D79-07E7-4721-85BB-0C740B516B1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "592F67D5-344B-49AF-A277-1089A40AC2FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7434059A-25B8-4FAC-A756-6E571348B76E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2A5355-BF40-437C-8683-A7A81DEE362C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43F4B90E-3499-45D4-864D-18505E2149F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "858FEECF-CC69-4E68-8E8A-674643021964",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE5FCCFF-E491-474F-9B86-AB51D8244582",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39F250E-6A89-4537-BD31-1FB81734A9A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8904EAF5-25E7-4A6B-8117-1859F913B83B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A369CD35-1242-4556-A83D-BD69CC149CFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "784A1499-1F33-493D-B433-EB2550C03C19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A990D6-B748-4AFD-B924-1D19680BD3DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3818CC-8653-4A9E-A57B-950A15914D6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F331F13-5D05-4213-B442-D48D8E22287B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA32EA3F-946D-430D-B00F-939D828DD72C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D239A09C-34D2-4418-B538-03A1080B8479",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C84561E-DD99-4433-9EF2-083F7C300123",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39CD9189-6524-4157-B90E-FF6A81DE3599",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96269625-CB31-4850-872B-B2C1321B13B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "426B68A6-3A41-43DB-846F-AEFBA62E221B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C680534-C663-40B0-A4AA-7F292EE60FE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A528EC0-4650-4787-BE52-A588E7E38A31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53898E96-03D6-43A2-AE05-46C62464BD26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FA66D9-E465-406E-A95C-608A1BE34D74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1456B204-A2A5-4790-A684-7F50D692EC9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD10664-94D0-48C0-92EF-E8EA66841245",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E988448-36C9-47E0-9356-DA400EB824E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D067EF9-00DB-4979-B12E-55749059A083",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9FA300A-44B1-44EE-8111-C1296EB0B638",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28306B1-3DDE-4444-9784-522B3D2163EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9257D187-1F2D-40F4-8C87-78978DB56C3F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25AE251E-E99F-4546-85B0-C57834B040B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62FFCB9-4253-459B-9298-C252DA9177DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA59279-3504-417D-9E86-E5886EE198BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86879AC0-890E-42F4-9561-6851F38FE0AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad NAT (Network Address Translation) en Cisco IOS desde la versi\u00f3n 12.4 hasta la 15.6 podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una traducci\u00f3n incorrecta de los mensajes H.323. que utiliza el protocolo RAS (Registration, Admission and Status) y a que se env\u00edan al dispositivo afectado mediante paquetes IPv4. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete H.323 RAS manipulado mediante el dispositivo afectado. Si se explota con \u00e9xito, podr\u00eda permitir que el atacante provoque que el dispositivo afectado deje de ejecutarse de manera inesperada y que se reinicie, provocando una denegaci\u00f3n de servicio. Esta vulnerabilidad afecta a los dispositivos Cisco que est\u00e1n configurados para usar una puerta de enlace a nivel de aplicaci\u00f3n con NAT (NAT ALG) para mensajes H.3323 RAS. Por defecto, NAT ALG est\u00e1 habilitado para mensajes H.323 RAS. Cisco Bug IDs: CSCvc57217."
    }
  ],
  "id": "CVE-2017-12231",
  "lastModified": "2024-11-21T03:09:05.157",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-29T01:34:48.747",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101039"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039449"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039449"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 17.9.1
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco asr-920-10sz-pd -
cisco asr-920-12cz-a -
cisco asr-920-12cz-d -
cisco asr-920-12sz-a -
cisco asr-920-12sz-d -
cisco asr-920-12sz-im -
cisco asr-920-12sz-im-cc -
cisco asr-920-20sz-m -
cisco asr-920-24sz-im -
cisco asr-920-24sz-m -
cisco asr-920-24tz-im -
cisco asr-920-24tz-m -
cisco asr-920-4sz-a -
cisco asr-920-4sz-d -
cisco asr-9901-rp -
cisco asr_1000-esp100 -
cisco asr_1000-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1002_fixed_router -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_1023_router -
cisco asr_5000 -
cisco asr_5500 -
cisco asr_5700 -
cisco asr_900 -
cisco asr_900_ -
cisco asr_900_route_switch_processor_2_\(rsp2\) -
cisco asr_900_route_switch_processor_3_\(rsp3\) -
cisco asr_9000 -
cisco asr_9000 -
cisco asr_9000 -
cisco asr_9000_rsp440_router -
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-10sz-pd_router -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-a_router -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12cz-d_router -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-12sz-im_router -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-im_router -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24sz-m_router -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-24tz-m_router -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-a_router -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920-4sz-d_router -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco asr_9922 -
cisco asr1000-2t\+20x1ge -
cisco asr1000-6tge -
cisco asr1000-esp200 -
cisco asr1000-mip100 -
cisco asr1000-rp3 -
cisco asr1001-hx -
cisco asr1001-hx-rf -
cisco asr1001-x -
cisco asr1001-x-rf -
cisco asr1001-x-ws -
cisco asr1002-hx -
cisco asr1002-hx-rf -
cisco asr1002-hx-ws -
cisco asr1002-x -
cisco asr1002-x-rf -
cisco asr1002-x-ws -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9100 -
cisco catalyst_9105 -
cisco catalyst_9105axi -
cisco catalyst_9105axw -
cisco catalyst_9115 -
cisco catalyst_9115_ap -
cisco catalyst_9115axe -
cisco catalyst_9115axi -
cisco catalyst_9117 -
cisco catalyst_9117_ap -
cisco catalyst_9117axi -
cisco catalyst_9120 -
cisco catalyst_9120_ap -
cisco catalyst_9120axe -
cisco catalyst_9120axi -
cisco catalyst_9120axp -
cisco catalyst_9124 -
cisco catalyst_9124axd -
cisco catalyst_9124axi -
cisco catalyst_9130 -
cisco catalyst_9130_ap -
cisco catalyst_9130axe -
cisco catalyst_9130axi -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200 -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300 -
cisco catalyst_ie3300_rugged_switch -
cisco catalyst_ie3400 -
cisco catalyst_ie3400_heavy_duty_switch -
cisco catalyst_ie3400_rugged_switch -
cisco catalyst_ie9300 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "818CEFA6-208C-43C3-8E43-474A93ADCF21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82225D40-537F-41D2-B1C4-1B7D06466B06",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11B83BED-5A49-4CF0-9827-AA291D01F60E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1E8937-51D9-43E6-876E-5D39AD3D32C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CA7AE63-99B9-4F28-8670-639A9B31E494",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E858B4AB-49B1-4F1C-8722-6E6911194924",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D9ECE39-C111-412B-AF56-9B7435D98FE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "577D1BF2-5180-4301-941C-3C0ADDD23AA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-20sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60DFE60A-34C5-42C3-B539-57AAA9D4F684",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1B25F27-6527-46F8-9C1A-4B4F79F3E6C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FE70CCD-6062-45D8-8566-7C9E237E030F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA3A897-ED4E-417F-BA6C-C1A825A210F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "375F9E12-A61B-4FD3-AE07-D4E686EB112A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D724F932-4548-429D-8CAA-E82C3435A194",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr-9901-rp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE36709F-DCF2-428F-8746-9C5096182E87",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9EF0299-16A7-446D-855D-BFF91EE65534",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900_:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15A2D364-18BE-49BC-8473-FC33D37AFCC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900_route_switch_processor_2_\\(rsp2\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "406D120B-23C7-4B84-B976-066F933BBD1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900_route_switch_processor_3_\\(rsp3\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E19687EA-78E0-4E1C-A6B3-C1074FEA8CE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "A15B6B59-E90B-43A8-B4E7-3718FE6990AE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A580194-1B06-4D71-B618-345046DBA9C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E673A75F-EFF8-4591-8E0F-A21083563DBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "515CD97F-DDBD-4F75-A6DB-646890A30B32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E181FC9-6790-4C12-874F-67252B6879BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE110B5-CC6E-4103-9983-4195BCC28165",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97DDC45-ABD1-4C8F-A249-0865345637A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8A748B-DDA9-4F0B-9AAA-F9A62BBC3DCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE4D129-435B-45DD-838D-4017BD94DF93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "456C68A8-F3C8-4302-B55A-134979B42045",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F681230-2530-4ED9-85E9-FE7A57FCF2F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C6733C-F77B-4688-B051-C1557F4D8D41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3D23C1-FE0E-4D33-9E89-07A4135E1360",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E598123-4AF8-44F6-BE87-9F62007FF658",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31608C12-FBED-4EAD-96EC-48BC4B356B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC28F05-20D0-4518-93FF-F254BA81E4B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D989205A-0576-415C-935E-E83AD42FD1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2BCA1C7-5642-4A2B-9E61-B141E70E098A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C3EB40-574A-48F7-A679-90F62ED976B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CC6206-DF19-4636-84C2-8912E443D122",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27ED272-FCA6-4002-93E1-EF0B89C84572",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85489F69-EAF0-4971-8C93-36838A8AA00E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD184DD-8774-4C18-BE53-BC6B133B01C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22F587F6-876D-4AE4-B6BD-ED50D47F5361",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA179D79-07E7-4721-85BB-0C740B516B1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "9FF5102C-3163-48F1-8D44-352D6715288D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "7FA1F27F-3265-482D-AD31-BCB300419526",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "6D1A5E2E-1CF6-4E3D-A474-9AA26758E574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "3AE8FA9B-C71B-42AE-94B2-580F505BC17F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77D24BB4-6357-4BFC-A4CB-B33ECDEB3BEE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B1F849A-05BA-4CA2-96AA-F8DFD5E725A5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB060D83-2924-4D1D-9FEE-F8087FA8976D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CF4D0E5-FF09-4919-B603-B42DB535386C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22C36989-4353-4B81-8B0F-FC6322C1C179",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C24227E-9FF6-4757-A342-958CA4B8BF63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-hx-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E529335-18D1-4CEC-A8D5-CC1CA33D64F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3072DEFA-61D6-413F-97FD-F64C0E90155C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-x-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FBFB5C-347B-4F73-93BE-4D3137D8F93A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1001-x-ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F040372-CDAD-4AC4-9B7C-BFF9658B6BF2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C33862F1-652A-4F60-BD3E-A6B3733E56A9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-hx-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "130205FD-CA31-4E49-B8C4-181840270C70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-hx-ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "908A56D8-64AF-4813-9D4D-C429C0603A31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03A2AA1C-7568-4BB6-BBD3-8E03D32CDA1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-x-rf:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53DAF422-7E0B-44EB-AD8D-4643A9711739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr1002-x-ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F7F661E-335C-4123-9363-E2E5D51846C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B207857B-C483-47DF-9FC7-6A05B866BF60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D2C587-E95B-4E74-88CF-5930072258D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74270062-2030-45A0-9C93-C1F3B7C88E8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F403859-F034-4DD9-9CA5-708EADECB380",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EA59279-3504-417D-9E86-E5886EE198BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA55A5-4E73-4187-96BE-08E04F2C7659",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86879AC0-890E-42F4-9561-6851F38FE0AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el procesamiento de paquetes malformados del Protocolo Industrial Com\u00fan (CIP) que se env\u00edan al software Cisco IOS y al software Cisco IOS XE podr\u00eda permitir a un atacante remoto no autenticado causar una recarga no esperada del dispositivo afectado, lo que provocar\u00eda una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a que no es comprobado suficientemente la entrada durante el procesamiento de los paquetes CIP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete CIP malformado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar al dispositivo afectado recargarse inesperadamente, resultando en una condici\u00f3n de DoS"
    }
  ],
  "id": "CVE-2022-20919",
  "lastModified": "2024-11-21T06:43:48.977",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-30T19:15:13.417",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-248"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el proceso del servidor SSH de Cisco IOS XR Software podr\u00eda permitir a un atacante remoto autenticado sobrescribir y leer archivos arbitrario en el dispositivo local. Esta vulnerabilidad es debido a una insuficiente comprobaci\u00f3n de entrada de los argumentos suministrados por el usuario para un m\u00e9todo espec\u00edfico de transferencia de archivos. Un atacante con privilegios de nivel inferior podr\u00eda explotar esta vulnerabilidad al especificar par\u00e1metros del Protocolo de Copia Segura (SCP) cuando se autentifica en un dispositivo. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante elevar sus privilegios y recuperar y cargar archivos en un dispositivo al que no deber\u00eda tener acceso"
    }
  ],
  "id": "CVE-2021-34718",
  "lastModified": "2024-11-21T06:11:02.320",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 8.5,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 9.2,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:11.103",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-88"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-06-05 17:29
Modified
2024-11-21 04:37
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/108687Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-sshVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108687Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-sshVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr_firmware 6.1.2.tools
cisco ios_xr_firmware 6.1.3.tools
cisco ios_xr_firmware 6.2.3.tools
cisco ios_xr_firmware 6.4.2.tools
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco crs-1_16-slot_line_card_chassis -
cisco crs-1_16-slot_single-shelf_system -
cisco crs-1_4-slot_single-shelf_system -
cisco crs-1_8-slot_line_card_chassis -
cisco crs-1_8-slot_single-shelf_system -
cisco crs-1_fabric_card_chassis -
cisco crs-1_line_card_chassis_\(dual\) -
cisco crs-1_line_card_chassis_\(multi\) -
cisco crs-1_multishelf_system -
cisco crs-3_16-slot_single-shelf_system -
cisco crs-3_4-slot_single-shelf_system -
cisco crs-3_8-slot_single-shelf_system -
cisco crs-3_multishelf_system -
cisco crs-8\/s-b_crs -
cisco crs-8\/scrs -
cisco crs-x_16-slot_single-shelf_system -
cisco crs-x_multishelf_system -
cisco ncs_6008-8-slot_chassis -
cisco network_convergence_system_5508 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr_firmware:6.1.2.tools:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C7572F0-53A7-49B2-97A5-A9FAC7AFAD3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr_firmware:6.1.3.tools:*:*:*:*:*:*:*",
              "matchCriteriaId": "36326A0C-80EB-4AC3-8B99-5BCA81F100D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr_firmware:6.2.3.tools:*:*:*:*:*:*:*",
              "matchCriteriaId": "0004444D-F0B5-4AFC-B02A-515AEBFB8CFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr_firmware:6.4.2.tools:*:*:*:*:*:*:*",
              "matchCriteriaId": "C67AFE4B-EAF7-457D-8948-11C86FC483C7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_16-slot_line_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5D5476-202C-476C-BC43-C0A963C99079",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F7E3D1-B738-4B69-AB38-3A273F454B9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2039DB3-F6BA-434D-A395-41DF7B641E4D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_8-slot_line_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C078ABAD-0E35-481F-8096-FDD40451A318",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8B9BF-E548-4CD9-AEC0-7030B89C4A32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_fabric_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "941333EC-86D4-43AC-BD9A-D286B2276C95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(dual\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD07CEAB-98E4-4FEE-BFA4-ADA520F7A61F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(multi\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE33AF1E-5E5C-43A1-B2E3-28E823C47E99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BBA0BE4-ED73-4B8C-BE53-5A2AB76981D0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F8EEEF-085A-49A5-A50E-24922B300F75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10698948-E6E0-4C9B-9CB9-3626E4076336",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40EF0D7E-FB4E-433A-A983-34E44E790542",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15448B60-0A19-477C-A08A-17578CF7C92C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-8\\/s-b_crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D31F6ED1-B20E-44CA-A74B-9D767EDF045F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-8\\/scrs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BDEC7F0-D4D5-45F0-89A4-49C596318C01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16770F6C-539D-4B65-9C52-60F008C283D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4F47E9F-D7BA-49B9-8070-1BC610B6AE2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008-8-slot_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E8AFAF4-4392-4EB5-AA35-68B97B036B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:network_convergence_system_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2932D6BF-111E-4B56-9A2E-FDF7C6991097",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de identificaci\u00f3n Secure Shell (SSH) del software IOS XR de Cisco, podr\u00eda permitir a un atacante remoto identificado iniciar sesi\u00f3n correctamente en un dispositivo afectado usando dos nombres de usuario distintos. La vulnerabilidad es debido a un error l\u00f3gico que puede ocurrir cuando ciertas secuencias de acciones son procesadas durante un evento de inicio de sesi\u00f3n SSH en el dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el inicio de una sesi\u00f3n SSH en el dispositivo con una secuencia espec\u00edfica que presenta los dos nombres de usuario. Una operaci\u00f3n con \u00e9xtio podr\u00eda resultar en el registro de datos falsos, enumeraci\u00f3n de usuarios o, en ciertas circunstancias, una omisi\u00f3n de la autorizaci\u00f3n de comandos. Vea la secci\u00f3n de Detalles para m\u00e1s informaci\u00f3n."
    }
  ],
  "id": "CVE-2019-1842",
  "lastModified": "2024-11-21T04:37:30.750",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-06-05T17:29:00.430",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108687"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108687"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-285"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
              "versionEndIncluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
              "versionEndIncluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
              "versionEndExcluding": "7.3.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
              "versionEndExcluding": "7.4.1",
              "versionStartIncluding": "7.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la CLI de Cisco IOS XR Software podr\u00edan permitir a un atacante local autenticado con una cuenta de bajo privilegio elevar los privilegios en un dispositivo afectado. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Details de este aviso"
    }
  ],
  "id": "CVE-2021-34719",
  "lastModified": "2024-11-21T06:11:02.477",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:11.310",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2024-11-21 05:31
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.2
cisco ios_xr 6.6.3
cisco ios_xr 7.0.2
cisco ios_xr 7.1.2
cisco ios_xr 7.1.15
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6008 -
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6008 -
cisco ios_xr 6.1.4
cisco ios_xr 6.4.2
cisco ios_xr 6.4.3
cisco crs -
cisco crs-1_16-slot_line_card_chassis -
cisco crs-1_16-slot_single-shelf_system -
cisco crs-1_4-slot_single-shelf_system -
cisco crs-1_8-slot_line_card_chassis -
cisco crs-1_8-slot_single-shelf_system -
cisco crs-1_fabric_card_chassis -
cisco crs-1_line_card_chassis_\(dual\) -
cisco crs-1_line_card_chassis_\(multi\) -
cisco crs-1_multishelf_system -
cisco crs-3_16-slot_single-shelf_system -
cisco crs-3_4-slot_single-shelf_system -
cisco crs-3_8-slot_single-shelf_system -
cisco crs-3_multishelf_system -
cisco crs-8\/s-b_crs -
cisco crs-8\/scrs -
cisco crs-x -
cisco crs-x_16-slot_single-shelf_system -
cisco crs-x_multishelf_system -
cisco crs_performance_route_processor -


To clipboard 

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "36944A2B-E4F5-41DE-AC4D-55BFA603BE5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F70AB37-3C0B-40A8-BC37-5A79DA5F45F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B842317-A5DB-4890-948A-DD26B7AE2540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "48928FFF-871C-4C07-8352-8C802FAD8F53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "603980FE-9865-4A71-A37C-A90B7F3B72D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
              "versionEndExcluding": "6.5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
              "matchCriteriaId": "603980FE-9865-4A71-A37C-A90B7F3B72D6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4132A8AA-008B-49DA-AA5C-EB39CC65A2E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_16-slot_line_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5D5476-202C-476C-BC43-C0A963C99079",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0F7E3D1-B738-4B69-AB38-3A273F454B9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2039DB3-F6BA-434D-A395-41DF7B641E4D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_8-slot_line_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C078ABAD-0E35-481F-8096-FDD40451A318",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8A8B9BF-E548-4CD9-AEC0-7030B89C4A32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_fabric_card_chassis:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "941333EC-86D4-43AC-BD9A-D286B2276C95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(dual\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD07CEAB-98E4-4FEE-BFA4-ADA520F7A61F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(multi\\):-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE33AF1E-5E5C-43A1-B2E3-28E823C47E99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-1_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BBA0BE4-ED73-4B8C-BE53-5A2AB76981D0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F8EEEF-085A-49A5-A50E-24922B300F75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10698948-E6E0-4C9B-9CB9-3626E4076336",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "40EF0D7E-FB4E-433A-A983-34E44E790542",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-3_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "15448B60-0A19-477C-A08A-17578CF7C92C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-8\\/s-b_crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D31F6ED1-B20E-44CA-A74B-9D767EDF045F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-8\\/scrs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BDEC7F0-D4D5-45F0-89A4-49C596318C01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62F5E007-0CB6-424C-9AE8-01618C8C44E0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16770F6C-539D-4B65-9C52-60F008C283D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs-x_multishelf_system:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4F47E9F-D7BA-49B9-8070-1BC610B6AE2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6D383DA-04D7-4789-B7F7-B31FD645BA8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en la funcionalidad Distance Vector Multicast Routing Protocol (DVMRP) del Cisco IOS XR Software, podr\u00edan permitir a un atacante remoto no autenticado bloquear inmediatamente el Internet Group Management Protocol (IGMP) o lo haga consumir la memoria disponible y finalmente bloquearlo.\u0026#xa0;El consumo de memoria puede afectar negativamente a otros procesos que son ejecutados en el dispositivo.\u0026#xa0;Estas vulnerabilidades son debido al manejo incorrecto de paquetes IGMP.\u0026#xa0;Un atacante podr\u00eda explotar estas vulnerabilidades mediante el env\u00edo de un tr\u00e1fico IGMP dise\u00f1ado hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante bloquear inmediatamente el proceso IGMP o causar el agotamiento de la memoria, resultando en que otros procesos se vuelvan inestables.\u0026#xa0;Estos procesos pueden incluir, pero no se limitan a, protocolos de enrutamiento interior y exterior. Cisco emitir\u00e1 actualizaciones de software que abordan estas vulnerabilidades"
    }
  ],
  "id": "CVE-2020-3569",
  "lastModified": "2024-11-21T05:31:20.100",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-23T01:15:15.503",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-04-17 22:29
Modified
2024-11-21 04:37
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/108026Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxraclVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108026Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxraclVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDD6EC92-3034-48C9-9A95-46585CAE18B6",
              "versionEndExcluding": "6.5.2",
              "versionStartIncluding": "5.1.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C49A71-2711-41E7-93E7-AD14F83A48D9",
              "versionEndExcluding": "6.6.1",
              "versionStartIncluding": "6.5.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el indicador funci\u00f3n de inspecci\u00f3n de marcas TCP para listas de control de acceso (ACL) en ASR 9000 Series Aggregation Services de Cisco versi\u00f3n ASR 9000 Series podr\u00eda permitir que un atacante remoto no identificado omita la protecci\u00f3n ofrecida por una ACL configurada en un dispositivo afectado. La vulnerabilidad se debe a un procesamiento incorrecto de la ACL aplicada a una interfaz de un dispositivo afectado cuando se habilita el equilibrio de carga de Cisco Express Forwarding utilizando el algoritmo de hash de 3 tuplas. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico por medio de un dispositivo afectado que, de lo contrario, deber\u00eda ser rechazado por la ACL configurada. Una operaci\u00f3n podr\u00eda permitir al atacante omitir la protecci\u00f3n ofrecida por una ACL configurada en el dispositivo afectado. Hay soluciones que abordan esta vulnerabilidad. Las versiones afectadas de Cisco IOS XR son: Cisco IOS XR Software Release versi\u00f3n 5.1.1 y posteriores hasta su primera reparaci\u00f3n. Primeros lanzamientos fijos: versi\u00f3n 6.5.2 y posteriores, versi\u00f3n 6.6.1 y posteriores."
    }
  ],
  "id": "CVE-2019-1686",
  "lastModified": "2024-11-21T04:37:05.900",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-04-17T22:29:00.360",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108026"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-07-06 02:15
Modified
2024-11-21 04:37
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FB59674-AF15-4BB6-B33F-DE0F74327EB4",
              "versionEndExcluding": "6.6.2",
              "versionStartIncluding": "4.3.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad Border Gateway Protocol (BGP) en el software IOS XR de Cisco, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad es debido al procesamiento incorrecto de ciertos mensajes de actualizaci\u00f3n de BGP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo mensajes de actualizaci\u00f3n de BGP que incluyan un conjunto espec\u00edfico de atributos para ser procesados ??por un sistema afectado. Una operaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante cause que el proceso BGP se reinicie inesperadamente, resultando en una condici\u00f3n de DoS. La implementaci\u00f3n de BGP de Cisco acepta el tr\u00e1fico BGP entrante solamente de peers expl\u00edcitamente definidos. Para aprovechar esta vulnerabilidad, el mensaje malicioso de actualizaci\u00f3n de BGP deber\u00eda provenir de un peer BGP configurado y v\u00e1lido o el atacante necesitar\u00eda inyectarlo hacia la red de BGP de la v\u00edctima en una conexi\u00f3n TCP v\u00e1lida existente a un peer de BGP."
    }
  ],
  "id": "CVE-2019-1909",
  "lastModified": "2024-11-21T04:37:39.967",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-07-06T02:15:11.527",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2024-11-21 03:09
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/101034Broken Link, Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1039445Broken Link, Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390Vendor Advisory
ykramarz@cisco.comhttps://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959Vendor Advisory
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101034Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039445Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcpVendor Advisory
Impacted products
Vendor Product Version
cisco ios *
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4gltegb_integrated_services_router -
cisco 1100-4gltena_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100-lte_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 1801_integrated_service_router -
cisco 1802_integrated_service_router -
cisco 1803_integrated_service_router -
cisco 1811_integrated_service_router -
cisco 1812_integrated_service_router -
cisco 1841_integrated_service_router -
cisco 1861_integrated_service_router -
cisco 1905_integrated_services_router -
cisco 1906c_integrated_services_router -
cisco 1921_integrated_services_router -
cisco 1941_integrated_services_router -
cisco 1941w_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 422_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8208 -
cisco 8212 -
cisco 8218 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1000-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-10sz-pd_router -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-a_router -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12cz-d_router -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-12sz-im_router -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-im_router -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24sz-m_router -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-24tz-m_router -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-a_router -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920-4sz-d_router -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3650 -
cisco catalyst_3650-12x48fd-e -
cisco catalyst_3650-12x48fd-l -
cisco catalyst_3650-12x48fd-s -
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48uq-e -
cisco catalyst_3650-12x48uq-l -
cisco catalyst_3650-12x48uq-s -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48ur-e -
cisco catalyst_3650-12x48ur-l -
cisco catalyst_3650-12x48ur-s -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-12x48uz-e -
cisco catalyst_3650-12x48uz-l -
cisco catalyst_3650-12x48uz-s -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pd-e -
cisco catalyst_3650-24pd-l -
cisco catalyst_3650-24pd-s -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-24pdm-e -
cisco catalyst_3650-24pdm-l -
cisco catalyst_3650-24pdm-s -
cisco catalyst_3650-24ps-e -
cisco catalyst_3650-24ps-l -
cisco catalyst_3650-24ps-s -
cisco catalyst_3650-24td-e -
cisco catalyst_3650-24td-l -
cisco catalyst_3650-24td-s -
cisco catalyst_3650-24ts-e -
cisco catalyst_3650-24ts-l -
cisco catalyst_3650-24ts-s -
cisco catalyst_3650-48fd-e -
cisco catalyst_3650-48fd-l -
cisco catalyst_3650-48fd-s -
cisco catalyst_3650-48fq -
cisco catalyst_3650-48fq-e -
cisco catalyst_3650-48fq-l -
cisco catalyst_3650-48fq-s -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-48fqm-e -
cisco catalyst_3650-48fqm-l -
cisco catalyst_3650-48fqm-s -
cisco catalyst_3650-48fs-e -
cisco catalyst_3650-48fs-l -
cisco catalyst_3650-48fs-s -
cisco catalyst_3650-48pd-e -
cisco catalyst_3650-48pd-l -
cisco catalyst_3650-48pd-s -
cisco catalyst_3650-48pq-e -
cisco catalyst_3650-48pq-l -
cisco catalyst_3650-48pq-s -
cisco catalyst_3650-48ps-e -
cisco catalyst_3650-48ps-l -
cisco catalyst_3650-48ps-s -
cisco catalyst_3650-48td-e -
cisco catalyst_3650-48td-l -
cisco catalyst_3650-48td-s -
cisco catalyst_3650-48tq-e -
cisco catalyst_3650-48tq-l -
cisco catalyst_3650-48tq-s -
cisco catalyst_3650-48ts-e -
cisco catalyst_3650-48ts-l -
cisco catalyst_3650-48ts-s -
cisco catalyst_3650-8x24pd-e -
cisco catalyst_3650-8x24pd-l -
cisco catalyst_3650-8x24pd-s -
cisco catalyst_3650-8x24uq -
cisco catalyst_3650-8x24uq-e -
cisco catalyst_3650-8x24uq-l -
cisco catalyst_3650-8x24uq-s -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -


To clipboard 

{
  "cisaActionDue": "2022-03-24",
  "cisaExploitAdd": "2022-03-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B29302F-A386-4E69-BD22-59CDF9CB0E21",
              "versionEndIncluding": "15.6",
              "versionStartIncluding": "12.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4856E07-B3C2-4674-9584-866F6AF643B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62564BB8-1282-4597-A645-056298BE7CCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D5E48D7-2266-4649-90A9-62C476AFE6DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99581637-E184-4A02-8313-57C7C31E5479",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C6D4A90-31B9-4B6C-ADAC-44C49DB44115",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3AF3F75-0BD8-4AA6-B696-3624BEE86681",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C58CEA6-69F8-4021-98C9-4676C70AB167",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF156D97-7C39-49CF-9938-D9681066FF05",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "459FEB4E-54E3-4FE5-82A5-6E4ECE855DD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1905_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "871AC0F6-5C01-43A1-8436-7885439BD81F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1DEFFA8-11A6-43CC-A886-DD38EFF22ACB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2147DBF8-B733-4F76-90C5-9D94F1E93625",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F42D5B4-BB07-4C9C-852F-0D839E9F2AA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9222CA59-F4FD-478D-83C9-566B389140B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03A273EE-41C1-41E9-9002-46F83FC6533F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34DAD43-0C95-4830-8078-EFE3E6C0A930",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46F5CBF0-7F55-44C0-B321-896BDBA22679",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D381E343-416F-42AF-A780-D330954F238F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6655851F-58D9-49D9-A56E-8440A7F7BB45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ED06361-5A68-4656-AEA5-240C290594CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE2514A1-486C-40F7-8746-56E2B973CBE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C3816C-95F4-443C-9C79-72F0251528F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "542244A0-300C-4630-812A-BF45F61E38DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91209C16-A620-44A0-9134-8AA456343F29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "917B52DF-4210-4DD6-97EF-8A033497A954",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7594E307-AC80-41EC-AE94-07E664A7D701",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33208B25-0CBB-4E31-A892-60B7B5625155",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51F2A755-556C-4C5E-8622-96D124319AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C81CC6E3-B989-4730-820E-46734E3E608D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E673A75F-EFF8-4591-8E0F-A21083563DBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "515CD97F-DDBD-4F75-A6DB-646890A30B32",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E181FC9-6790-4C12-874F-67252B6879BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE063AF2-5579-4D7E-8829-9102FC7CB994",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18E4A46-10D3-48F8-9E92-377ACA447257",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE110B5-CC6E-4103-9983-4195BCC28165",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B97DDC45-ABD1-4C8F-A249-0865345637A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-10sz-pd_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8A748B-DDA9-4F0B-9AAA-F9A62BBC3DCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FE4D129-435B-45DD-838D-4017BD94DF93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "456C68A8-F3C8-4302-B55A-134979B42045",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-a_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F681230-2530-4ED9-85E9-FE7A57FCF2F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C6733C-F77B-4688-B051-C1557F4D8D41",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12cz-d_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3D23C1-FE0E-4D33-9E89-07A4135E1360",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD45D77-4097-4AFB-98DF-5B8188316C20",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-12sz-im_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E598123-4AF8-44F6-BE87-9F62007FF658",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31608C12-FBED-4EAD-96EC-48BC4B356B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-im_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC28F05-20D0-4518-93FF-F254BA81E4B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D989205A-0576-415C-935E-E83AD42FD1CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24sz-m_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2BCA1C7-5642-4A2B-9E61-B141E70E098A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C3EB40-574A-48F7-A679-90F62ED976B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CC6206-DF19-4636-84C2-8912E443D122",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-24tz-m_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27ED272-FCA6-4002-93E1-EF0B89C84572",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85489F69-EAF0-4971-8C93-36838A8AA00E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-a_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD184DD-8774-4C18-BE53-BC6B133B01C8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920-4sz-d_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "22F587F6-876D-4AE4-B6BD-ED50D47F5361",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA179D79-07E7-4721-85BB-0C740B516B1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "592F67D5-344B-49AF-A277-1089A40AC2FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7434059A-25B8-4FAC-A756-6E571348B76E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB2A5355-BF40-437C-8683-A7A81DEE362C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43F4B90E-3499-45D4-864D-18505E2149F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "858FEECF-CC69-4E68-8E8A-674643021964",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE5FCCFF-E491-474F-9B86-AB51D8244582",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B39F250E-6A89-4537-BD31-1FB81734A9A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8904EAF5-25E7-4A6B-8117-1859F913B83B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A369CD35-1242-4556-A83D-BD69CC149CFA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "784A1499-1F33-493D-B433-EB2550C03C19",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A990D6-B748-4AFD-B924-1D19680BD3DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF3818CC-8653-4A9E-A57B-950A15914D6B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F331F13-5D05-4213-B442-D48D8E22287B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA32EA3F-946D-430D-B00F-939D828DD72C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D239A09C-34D2-4418-B538-03A1080B8479",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C84561E-DD99-4433-9EF2-083F7C300123",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39CD9189-6524-4157-B90E-FF6A81DE3599",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96269625-CB31-4850-872B-B2C1321B13B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "426B68A6-3A41-43DB-846F-AEFBA62E221B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C680534-C663-40B0-A4AA-7F292EE60FE2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A528EC0-4650-4787-BE52-A588E7E38A31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53898E96-03D6-43A2-AE05-46C62464BD26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FA66D9-E465-406E-A95C-608A1BE34D74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1456B204-A2A5-4790-A684-7F50D692EC9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD10664-94D0-48C0-92EF-E8EA66841245",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E988448-36C9-47E0-9356-DA400EB824E3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D067EF9-00DB-4979-B12E-55749059A083",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9FA300A-44B1-44EE-8111-C1296EB0B638",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28306B1-3DDE-4444-9784-522B3D2163EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9257D187-1F2D-40F4-8C87-78978DB56C3F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25AE251E-E99F-4546-85B0-C57834B040B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62FFCB9-4253-459B-9298-C252DA9177DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959."
    },
    {
      "lang": "es",
      "value": "El subsistema relay DHCP de Cisco IOS desde la versi\u00f3n 12.2 hasta la 15.6 y Cisco IOS XE contiene una vulnerabilidad que podr\u00eda permitir a un atacante remoto no autenticado ejecutar c\u00f3digo arbitrario y obtener el control total del sistema afectado. El atacante podr\u00eda tambi\u00e9n hacer que el sistema afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) en consecuencia. Esta vulnerabilidad se debe a un desbordamiento de b\u00fafer en el subsistema relay DHCP del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete DHCPv4 (DHCP Version 4) al sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante ejecute c\u00f3digo arbitrario y obtenga el control total del sistema afectado o haga que el sistema afectado se reinicie, provocando una denegaci\u00f3n de servicio (DoS) como consecuencia. Cisco Bug IDs: CSCsm45390, CSCuw77959."
    }
  ],
  "id": "CVE-2017-12240",
  "lastModified": "2024-11-21T03:09:06.497",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-09-29T01:34:49.077",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101034"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039445"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/101034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-01-31 20:29
Modified
2024-11-21 03:37
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/102905Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1040315Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/102905Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040315Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6Patch, Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 5.3.4
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4A82FCC-14D4-4838-BB05-E2D08505ACD2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el subsistema IPv6 de Cisco IOS XR Software Release 5.3.4 para Cisco Aggregation Services Router (ASR) 9000 Series podr\u00eda permitir que un atacante remoto no autenticado desencadene la recarga de una o m\u00e1s tarjetas de l\u00ednea Trident, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a la manipulaci\u00f3n incorrecta de paquetes IPv6 con una extensi\u00f3n de cabecera de fragmento. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes IPv6 dise\u00f1ados para provocar este problema en o a trav\u00e9s de la tarjeta de l\u00ednea Trident. Un exploit con \u00e9xito podr\u00eda permitir que el atacante desencadene la recarga de las tarjetas de l\u00ednea Trident, lo que resulta en un DoS durante el per\u00edodo de tiempo que la tarjeta necesita para reiniciarse. Esta vulnerabilidad afecta a Cisco Aggregation Services Router (ASR) 9000 Series cuando se cumplen las siguientes condiciones: el router ejecuta Cisco IOS XR Software Release 5.3.4 y tiene instaladas tarjetas de l\u00ednea Trident con IPv6 configurado. Se ha puesto en disposici\u00f3n de los usuarios una actuaci\u00f3n del mantenimiento de software (SMU) que aborda esta vulnerabilidad. La soluci\u00f3n tambi\u00e9n se ha incorporado en service pack 7 para Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800."
    }
  ],
  "id": "CVE-2018-0136",
  "lastModified": "2024-11-21T03:37:35.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-01-31T20:29:00.663",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102905"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040315"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040315"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS–IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS–IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS–IS process.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 4.3.2
cisco xr_12404 -
cisco xr_12406 -
cisco xr_12410 -
cisco xr_12416 -
cisco ios_xr 5.2.5
cisco ios_xr 6.2.2
cisco ios_xr 6.2.3
cisco ios_xr 6.2.25
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.2.25
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.2
cisco ios_xr 6.5.3
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.3.3
cisco ios_xr 6.3.15
cisco ios_xr 6.5.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.1
cisco ios_xr 6.6.25
cisco ncs_5500 -
cisco ncs_5501 -
cisco ncs_5502 -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.4.2
cisco crs -
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.2
cisco xrv_9000 -
cisco ios_xr 6.3.3
cisco ios_xr 6.5.3
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ios_xr 6.6.25
cisco ncs_560 -
cisco ios_xr 6.1.2
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.2
cisco ios_xr 6.2.3
cisco ios_xr 6.3.2
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.2
cisco asr_9000 -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "73D962D3-563F-4CDE-B51D-224D7995FBC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:xr_12404:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE1F838A-6CB9-4948-AC05-6C0CF412FF6D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xr_12406:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBE5027B-E4E9-4661-9480-F344D5AF7620",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xr_12410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "198D511F-F024-4E91-B323-7F1CDA0AE4E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xr_12416:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ADE218D-CD09-4334-8C83-AFAC8D41F61E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F517C60E-4580-486E-9A03-82A023755374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E58E99-E8DD-4AF1-BA44-7E81223AB1F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D093D77E-66E3-4659-820E-F7E03A51A83C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "11E58E99-E8DD-4AF1-BA44-7E81223AB1F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE98B34-501B-449A-843A-58F297EDBE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D093D77E-66E3-4659-820E-F7E03A51A83C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "31EC2C35-59C4-4827-89B6-F1A1EDEF8EFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE98B34-501B-449A-843A-58F297EDBE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D686F339-9406-4ADF-B124-C815D43E4CAA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0235F415-F327-4914-8E2A-96334984797D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "D093D77E-66E3-4659-820E-F7E03A51A83C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F517C60E-4580-486E-9A03-82A023755374",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "370F74EC-829D-4574-BE7D-85700E15C433",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "540112FA-0329-4CD3-B57B-8CAA6DAC80C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE98B34-501B-449A-843A-58F297EDBE1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E7ED87-8AC0-4107-A7A5-F334236E2906",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of the Intermediate System\u0026ndash;to\u0026ndash;Intermediate System (IS\u0026ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS\u0026ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS\u0026ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS\u0026ndash;IS process."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad del protocolo de enrutamiento Intermediate System\u2013to\u2013Intermediate System (IS\u2013IS) en Cisco IOS XR Software, podr\u00eda permitir a un atacante remoto autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el proceso IS\u2013IS. La vulnerabilidad es debido al manejo inapropiado de una petici\u00f3n de Protocolo Simple Network Management Protocol (SNMP) para Object Identifiers (OIDs) espec\u00edficos por el proceso IS\u2013IS. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n SNMP dise\u00f1ada hacia el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n DoS en el proceso IS\u2013IS."
    }
  ],
  "id": "CVE-2019-16027",
  "lastModified": "2024-11-21T04:29:57.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-26T05:15:16.677",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-03-28 22:29
Modified
2024-11-21 03:37
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/103564Broken Link, Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1040586Broken Link, Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party Advisory, US Government Resource
ykramarz@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party Advisory, US Government Resource
ykramarz@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party Advisory, US Government Resource
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103564Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040586Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpVendor Advisory
Impacted products
Vendor Product Version
cisco ios 5.2.0.base
cisco ios_xe 5.2.0.base
cisco ios_xr *
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_stratix_5900 -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_armorstratix_5700 -
rockwellautomation allen-bradley_stratix_5400 -
rockwellautomation allen-bradley_stratix_5410 -
rockwellautomation allen-bradley_stratix_5700 -
rockwellautomation allen-bradley_stratix_8000 -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_stratix_8300 -


To clipboard 

{
  "cisaActionDue": "2022-03-17",
  "cisaExploitAdd": "2022-03-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:5.2.0.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F1A8DE5-8DBB-4A09-A9F2-8B5AF5E46896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:5.2.0.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "95ECCCEC-FA36-481E-B714-3DA57AE89C5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2213E83-7143-4ABF-9EFD-EB0928996464",
              "versionEndExcluding": "5.1.3",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FB1D01-2A6F-496E-AD56-BBE03DEB9493",
              "versionEndIncluding": "15.6.3m1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E51621B6-010D-4D9F-9A9D-C354D8BB8135",
              "versionEndIncluding": "15.6.3m1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1609D07F-FF2D-49D8-8672-9C512A69479D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEE6CC29-29A9-4465-B0EA-1ECC435EBC55",
              "versionEndIncluding": "15.2\\(6\\)e0a",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBBC562A-BC2C-4F64-B5D4-47C33BBEE3C7",
              "versionEndIncluding": "15.2\\(6\\)e0a",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_armorstratix_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8849345-E011-4160-A91C-DB760497AF9A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE92939D-3D1E-445C-8888-F3EB4E35A034",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B148D62-D1B2-4E40-9DDD-A8702DFAD2E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8994DEA7-C4EC-47B9-8AEA-832AF9D1F8E4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_8000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9A02987-E6F4-41D2-92C5-016A22AC7D0A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7690EC4-F375-4D0A-8EED-26E01ECFDE55",
              "versionEndIncluding": "15.2\\(4a\\)ea5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C90778E3-4A55-498F-9CD6-80F8029AA722",
              "versionEndIncluding": "15.2\\(4a\\)ea5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A97B3B5-6606-46F5-BCD8-141FDD6F6729",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de desbordamiento de b\u00fafer en el subsistema LLDP (Link Layer Discovery Protocol) de Cisco IOS Software, Cisco IOS XE Software y Cisco IOS XR Software podr\u00edan permitir que un atacante adyacente sin autenticar provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) o que ejecute c\u00f3digo arbitrario con privilegios elevados en un dispositivo afectado. Cisco Bug IDs: CSCuo17183, CSCvd73487."
    }
  ],
  "id": "CVE-2018-0167",
  "lastModified": "2024-11-21T03:37:38.867",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-28T22:29:00.907",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103564"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040586"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040586"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-04-15 15:15
Modified
2024-11-21 06:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFjVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFjVendor Advisory
Impacted products
Vendor Product Version
cisco ios 17.6.1
cisco 1100-4g_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800 -
cisco asr_1001-x -
cisco asr_1002-hx -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_900 -
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco catalyst_3650 -
cisco catalyst_3850 -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8500 -
cisco catalyst_8500l -
cisco catalyst_9200 -
cisco catalyst_9300 -
cisco catalyst_9400 -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-80 -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_cg418-e -
cisco catalyst_cg522-e -
cisco catalyst_ess9300 -
cisco catalyst_ie3200 -
cisco catalyst_ie3300 -
cisco catalyst_ie3400 -
cisco catalyst_ie9300 -
cisco cloud_services_router_1000v -
cisco esr3300 -
cisco esr6300 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:17.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "25FA8E21-9A5D-494C-92BF-42F1F4D2DCAA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B80890A8-E3D3-462C-B125-9E9BC6525B02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0547E196-5991-4C33-823A-342542E9DFD3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3F374DC-B9F7-4515-A064-01BB436CA984",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D916389F-54DB-44CB-91DD-7CE3C7059350",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B832863-E366-46ED-BC35-838762F0CE29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:8800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E899BDC3-03A0-4ED7-8C36-7BC247A344A8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7401B7-094C-46EB-9869-2F0372E8B26B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE9EABE0-5FB0-4277-A389-87732E750B7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AB61E9-0148-495E-BD21-64D52DE60A6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B0E620C-8E09-4F7C-A326-26013173B993",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_cg418-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "25CE5302-0BA9-4155-A68B-3CD735F64A9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_cg522-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "405B9D5D-09E9-48D9-A164-04A6DCE41482",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ess9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A80AB4A-A121-4777-BD99-62D658A3DE22",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EACA55A5-4E73-4187-96BE-08E04F2C7659",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCB8270-A01D-40A6-BF4B-26BAF65E68F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:esr3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07773DC-24E0-4651-A98B-9CD54419F4D1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D19136-4ECB-437F-BA8A-E2FE35A39BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en el entorno de alojamiento de aplicaciones Cisco IOx en varias plataformas de Cisco podr\u00edan permitir a un atacante inyectar comandos arbitrarios en el sistema operativo del host subyacente, ejecutar c\u00f3digo arbitrario en el sistema operativo del host subyacente, instalar aplicaciones sin estar autenticado o conducir un ataque de tipo cross-site scripting (XSS) contra un usuario del software afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Details de este aviso"
    }
  ],
  "id": "CVE-2022-20677",
  "lastModified": "2024-11-21T06:43:17.923",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 4.2,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-15T15:15:12.413",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-326"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-19 20:29
Modified
2024-11-21 03:37
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/103929Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1040710Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxrVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103929Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040710Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxrVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 4.0.4.base
cisco ios_xr 4.1.3.base
cisco ios_xr 4.2.4.base
cisco ios_xr 4.3.4.base
cisco ios_xr 4.4.3.ce
cisco ios_xr 5.0.3.ce
cisco ios_xr 5.1.4.base
cisco ios_xr 5.2.5.ce
cisco ios_xr 5.3.4.base
cisco ios_xr 5.4.3.ce
cisco ios_xr 6.0.4.base
cisco ios_xr 6.1.4.base
cisco ios_xr 6.2.3.base
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.0.4.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "527A8627-BB02-420C-8455-88E513FE1E5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.1.3.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "47A44BA1-9644-4828-A237-50F9828A5BE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.2.4.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "426C901C-0C18-4DA6-8A9E-C7530CABCF2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.3.4.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0B3BB42-4CC3-4463-985E-7728C2F1CE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:4.4.3.ce:*:*:*:*:*:*:*",
              "matchCriteriaId": "00C20AD9-19A8-42AB-B46D-7A74FF3502B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.0.3.ce:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F450B67-0C12-42AC-BAB9-5CB680F6C3F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.1.4.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "A59E9CE1-88BE-4BEC-A578-8B5C41560EE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.2.5.ce:*:*:*:*:*:*:*",
              "matchCriteriaId": "037143C6-8C0E-4EAD-B4D9-1DEECF67D7A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.3.4.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BDA4B2C-7770-4689-8C1C-8645AD6C8916",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.4.3.ce:*:*:*:*:*:*:*",
              "matchCriteriaId": "36A18333-0858-41AE-B856-AAE4D8C97F23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.0.4.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED7EBC2F-31AF-4353-976F-E82FCDB89E98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.1.4.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE2DAAB-D5EB-4D14-916A-732F4CDF4226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.2.3.base:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EEDE502-5A17-4C30-970C-F3867A148C77",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la funci\u00f3n de reenv\u00edo de transmisiones UDP en Cisco IOS XR Software podr\u00eda permitir que un atacante remoto sin autenticar provoque una denegaci\u00f3n de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a la gesti\u00f3n incorrecta de los paquetes de transmisi\u00f3n UDP que se reenv\u00edan a una direcci\u00f3n auxiliar IPv4. Un atacante podr\u00eda explotar esta vulnerabilidad enviando m\u00faltiples paquetes de transmisi\u00f3n UDP a un dispositivo afectado. Un exploit podr\u00eda permitir que el atacante provoque una fuga del b\u00fafer en el dispositivo afectado, lo que resultar\u00eda finalmente en una denegaci\u00f3n de servicio (DoS) que requerir\u00eda una intervenci\u00f3n manual para recuperarla. La vulnerabilidad afecta a todas las plataformas Cisco IOS XR que ejecuten las versiones 6.3.1, 6.2.3 o anteriores de Cisco IOS XR Software cuando, al menos, una direcci\u00f3n IPv4 auxiliar est\u00e1 configurada en una interfaz del dispositivo. Cisco Bug IDs: CSCvi35625."
    }
  ],
  "id": "CVE-2018-0241",
  "lastModified": "2024-11-21T03:37:47.947",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-19T20:29:00.877",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103929"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040710"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103929"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1040710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
ykramarz@cisco.comhttp://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco firepower_extensible_operating_system *
cisco firepower_extensible_operating_system *
cisco firepower_extensible_operating_system *
cisco fxos 2.4
cisco firepower_4110 -
cisco firepower_4115 -
cisco firepower_4120 -
cisco firepower_4125 -
cisco firepower_4140 -
cisco firepower_4145 -
cisco firepower_4150 -
cisco firepower_9300 -
cisco ios_xr 5.2.5
cisco ncs_6000 -
cisco ios_xr 6.4.2
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco crs -
cisco ios_xr 6.5.3
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540-12z20g-sys-a -
cisco ncs_540-12z20g-sys-d -
cisco ncs_540-24z8q2c-sys -
cisco ncs_540-28z4c-sys-a -
cisco ncs_540-28z4c-sys-d -
cisco ncs_540-acc-sys -
cisco ncs_540x-12z16g-sys-a -
cisco ncs_540x-12z16g-sys-d -
cisco ncs_540x-16z4g8q2c-a -
cisco ncs_540x-16z4g8q2c-d -
cisco ncs_540x-acc-sys -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_560 -
cisco ios_xr 7.0.1
cisco ncs_540l -
cisco nx-os *
cisco nx-os *
cisco mds_9132t -
cisco mds_9148s -
cisco mds_9148t -
cisco mds_9216 -
cisco mds_9216a -
cisco mds_9216i -
cisco mds_9222i -
cisco mds_9506 -
cisco mds_9509 -
cisco mds_9513 -
cisco mds_9706 -
cisco mds_9710 -
cisco mds_9718 -
cisco nx-os *
cisco nexus_1000ve -
cisco nx-os *
cisco nexus_1000v -
cisco nx-os *
cisco nexus_1000v -
cisco nx-os *
cisco nx-os *
cisco nexus_3016 -
cisco nexus_3048 -
cisco nexus_3064 -
cisco nexus_3064-t -
cisco nexus_31108pc-v -
cisco nexus_31108tc-v -
cisco nexus_31128pq -
cisco nexus_3132c-z -
cisco nexus_3132q -
cisco nexus_3132q-v -
cisco nexus_3132q-xl -
cisco nexus_3164q -
cisco nexus_3172 -
cisco nexus_3172pq-xl -
cisco nexus_3172tq -
cisco nexus_3172tq-32t -
cisco nexus_3172tq-xl -
cisco nexus_3232c_ -
cisco nexus_3264c-e -
cisco nexus_3264q -
cisco nexus_3408-s -
cisco nexus_34180yc -
cisco nexus_3432d-s -
cisco nexus_3464c -
cisco nexus_3524 -
cisco nexus_3524-x -
cisco nexus_3524-xl -
cisco nexus_3548 -
cisco nexus_3548-x -
cisco nexus_3548-xl -
cisco nexus_36180yc-r -
cisco nexus_3636c-r -
cisco nexus_9000v -
cisco nexus_92160yc-x -
cisco nexus_92300yc -
cisco nexus_92304qc -
cisco nexus_92348gc-x -
cisco nexus_9236c -
cisco nexus_9272q -
cisco nexus_93108tc-ex -
cisco nexus_93108tc-fx -
cisco nexus_93120tx -
cisco nexus_93128tx -
cisco nexus_93180lc-ex -
cisco nexus_93180yc-ex -
cisco nexus_93180yc-fx -
cisco nexus_93216tc-fx2 -
cisco nexus_93240yc-fx2 -
cisco nexus_9332c -
cisco nexus_9332pq -
cisco nexus_93360yc-fx2 -
cisco nexus_9336c-fx2 -
cisco nexus_9336pq_aci_spine -
cisco nexus_9348gc-fxp -
cisco nexus_9364c -
cisco nexus_9372px -
cisco nexus_9372px-e -
cisco nexus_9372tx -
cisco nexus_9372tx-e -
cisco nexus_9396px -
cisco nexus_9396tx -
cisco nexus_9504 -
cisco nexus_9508 -
cisco nexus_9516 -
cisco nx-os *
cisco nexus_5548p -
cisco nexus_5548up -
cisco nexus_5596t -
cisco nexus_5596up -
cisco nexus_56128p -
cisco nexus_5624q -
cisco nexus_5648q -
cisco nexus_5672up -
cisco nexus_5696q -
cisco nx-os *
cisco nx-os *
cisco nx-os *
cisco nx-os *
cisco nexus_7000 -
cisco nexus_7700 -
cisco nx-os *
cisco nx-os *
cisco nexus_9000v -
cisco nexus_92160yc-x -
cisco nexus_92300yc -
cisco nexus_92304qc -
cisco nexus_92348gc-x -
cisco nexus_9236c -
cisco nexus_9272q -
cisco nexus_93108tc-ex -
cisco nexus_93108tc-fx -
cisco nexus_93120tx -
cisco nexus_93128tx -
cisco nexus_93180lc-ex -
cisco nexus_93180yc-ex -
cisco nexus_93180yc-fx -
cisco nexus_93216tc-fx2 -
cisco nexus_93240yc-fx2 -
cisco nexus_9332c -
cisco nexus_9332pq -
cisco nexus_93360yc-fx2 -
cisco nexus_9336c-fx2 -
cisco nexus_9336pq_aci_spine -
cisco nexus_9348gc-fxp -
cisco nexus_9364c -
cisco nexus_9372px -
cisco nexus_9372px-e -
cisco nexus_9372tx -
cisco nexus_9372tx-e -
cisco nexus_9396px -
cisco nexus_9396tx -
cisco nexus_9504 -
cisco nexus_9508 -
cisco nexus_9516 -
cisco ucs_manager *
cisco ucs_manager *
cisco ucs_6248up -
cisco ucs_6296up -
cisco ucs_6300 -
cisco ucs_6324 -
cisco ucs_64108 -
cisco ucs_6454 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6793CE39-88B6-42DF-A586-43BC656F00DD",
              "versionEndIncluding": "2.3.1.173",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5CD86FB-4B86-470E-A1F8-3F3EBC66F0F3",
              "versionEndExcluding": "2.6.1.187",
              "versionStartIncluding": "2.6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A19CF844-DCAA-46DD-95FC-1BC200E7DE91",
              "versionEndExcluding": "2.7.1.106",
              "versionStartIncluding": "2.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:fxos:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E2BDED-6263-4948-89A3-5D867D52BD48",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5494B4B-0BB4-48AE-8B0D-04DE649F9313",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3A0C835-6C98-4AB6-89FF-C27117BB6B12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "395F25CD-FDF5-48D7-A048-A6B4F4779EC9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "124CE49C-1C2B-40A5-8F59-7A223766E12F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83F3D33-0674-4F74-AEA9-BC824D8536F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "784A450D-8DCA-43E5-8044-A9F2363FB006",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92E88ED4-C2AF-407C-A395-3D7806D68758",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "871D84C5-71EE-4B82-A48C-A1CC68DA332A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "55812D67-23B2-4EE1-8DEF-B1386551D825",
              "versionEndExcluding": "6.2\\(29\\)",
              "versionStartIncluding": "5.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2516465F-34B9-4E24-B65B-3952DAEF25FD",
              "versionEndExcluding": "8.4\\(1a\\)",
              "versionStartIncluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56426D35-FCFD-406E-9144-2E66C8C86EFC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90094569-AA2C-4D35-807F-9551FACE255F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12DB1A25-A7C9-412F-88BC-E89588896395",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C677D356-86C9-4491-A6CA-5E6306B2BB70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5182CB50-4D32-4835-B1A8-817D989F919F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33FD38EF-3B47-4739-BF0B-FC50D8520DBC",
              "versionEndExcluding": "5.2\\(1\\)sv5\\(1.3\\)",
              "versionStartIncluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*",
              "matchCriteriaId": "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4832A094-92DB-402F-AF05-34B3A7C7CA0E",
              "versionEndIncluding": "5.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*",
              "matchCriteriaId": "69E1B4D2-4200-4C05-9E64-57A18823AF38",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FE8F16B-D59C-43C7-BECA-3D62B609AB94",
              "versionEndExcluding": "5.2\\(1\\)sv3\\(4.1b\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*",
              "matchCriteriaId": "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D562562-099B-47D6-8A27-592960AEDB5C",
              "versionEndExcluding": "9.3\\(2\\)",
              "versionStartIncluding": "7.0\\(3\\)f2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2",
              "versionEndExcluding": "7.0\\(3\\)i7\\(8\\)",
              "versionStartIncluding": "7.0\\(3\\)i",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "528ED62B-D739-4E06-AC64-B506FD73BBAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4226DA0-9371-401C-8247-E6E636A116C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3DBBFE9-835C-4411-8492-6006E74BAC65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3293438-3D18-45A2-B093-2C3F65783336",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BB9DD73-E31D-4921-A6D6-E14E04703588",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4532F513-0543-4960-9877-01F23CA7BA1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B43502B-FD53-465A-B60F-6A359C6ACD99",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10F80A72-AD54-4699-B8AE-82715F0B58E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "088C0323-683A-44F5-8D42-FF6EC85D080E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74CB4002-7636-4382-B33E-FBA060A13C34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57572E4A-78D5-4D1A-938B-F05F01759612",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E4C5F7-050A-40D8-B087-5F7597B97EEA",
              "versionEndExcluding": "7.3\\(6\\)n1\\(1\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1766443C-1C5A-486E-A36F-D3045F364D78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7D74A33-E46C-4A26-AEFF-A9064415F89E",
              "versionEndExcluding": "6.2\\(24\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA088812-07C5-47BF-9CB1-66D2E4E6D27C",
              "versionEndExcluding": "7.3\\(5\\)d1\\(1\\)",
              "versionStartIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8934F95-3C91-4499-ACA3-8C22DA785ED5",
              "versionEndExcluding": "8.2\\(5\\)",
              "versionStartIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66360174-9C40-4147-A94C-8007021C55A5",
              "versionEndExcluding": "8.4\\(2\\)",
              "versionStartIncluding": "8.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97BA8B03-822E-4544-89A0-23608D635DA7",
              "versionEndExcluding": "13.2\\(9b\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE",
              "versionEndExcluding": "14.2\\(1j\\)",
              "versionStartIncluding": "14.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4283E433-7F8C-4410-B565-471415445811",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11411BFD-3F4D-4309-AB35-A3629A360FB0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E952A96A-0F48-4357-B7DD-1127D8827650",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70D81F1-8B12-4474-9060-B4934D8A3873",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7349D69B-D8FA-4462-AA28-69DD18A652D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91231DC6-2773-4238-8C14-A346F213B5E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "113772B6-E9D2-4094-9468-3F4E1A87D07D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1FC2B1F-232E-4754-8076-CC82F3648730",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4364ADB9-8162-451D-806A-B98924E6B2CF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B53BCB42-ED61-4FCF-8068-CB467631C63C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49E0371B-FDE2-473C-AA59-47E1269D050F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA022E77-6557-4A33-9A3A-D028E2DB669A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E02DC82-0D26-436F-BA64-73C958932B0A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BA5E06-2264-4292-93E5-D32A2D81600E",
              "versionEndExcluding": "3.2\\(3m\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C79BC0D-B86C-452B-B6CA-F93E938B707F",
              "versionEndExcluding": "4.0\\(4g\\)",
              "versionStartIncluding": "4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49112D3F-DFAD-4E71-992B-9E0640FA388C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6BCF41B-A617-4563-8D14-E906411354FB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de Cisco Discovery Protocol para Cisco FXOS Software, Cisco IOS XR Software y Cisco NX-OS Software, podr\u00eda permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una falta de comprobaci\u00f3n cuando el software afectado procesa los mensajes de Cisco Discovery Protocol. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar la memoria del sistema, causando que el dispositivo se recargue. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusi\u00f3n que el dispositivo afectado (Capa 2 adyacente)."
    }
  ],
  "id": "CVE-2020-3120",
  "lastModified": "2024-11-21T05:30:22.057",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-02-05T18:15:11.063",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes’ status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routesVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AE8971-5003-4A39-8173-E17CE9C2523F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B051AF4-592A-4201-9DD3-8683C1847A00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "82AF763B-9299-4EDC-B42D-B83736839CA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1BD9FC30-C073-4C63-8468-47DEF12A3875",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
              "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B529456-23DB-4917-A316-4CFC6AEC9964",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes\u0026rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim\u0027s BGP network on an existing, valid TCP connection to a BGP peer."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n de la funcionalidad Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al procesamiento incorrecto de un mensaje de actualizaci\u00f3n de BGP que contiene atributos EVPN dise\u00f1ados. Un atacante podr\u00eda explotar indirectamente la vulnerabilidad mediante el env\u00edo de mensajes de actualizaci\u00f3n de BGP EVPN con un atributo espec\u00edfico malformado hacia un sistema afectado y esperar a que un usuario en el dispositivo despliegue el estado operativo routes\u2019 de EVPN. Si tiene \u00e9xito, el atacante podr\u00eda causar que el proceso BGP se reinicie inesperadamente, resultando en una condici\u00f3n DoS. La implementaci\u00f3n de Cisco de BGP acepta el tr\u00e1fico de BGP entrante solo desde peers definidos expl\u00edcitamente. Para explotar esta vulnerabilidad, el mensaje de actualizaci\u00f3n de BGP malicioso necesitar\u00eda venir desde un peer de BGP v\u00e1lido y configurado, o necesitar\u00eda ser inyectado por parte del atacante en la red de BGP de la v\u00edctima en una conexi\u00f3n TCP v\u00e1lida y existente a un peer de BGP."
    }
  ],
  "id": "CVE-2019-16018",
  "lastModified": "2024-11-21T04:29:56.110",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-26T05:15:14.413",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFDVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFDVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco asr_9000 -
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B5D889-BB78-4A59-9BA8-AE379814DCE1",
              "versionEndExcluding": "6.6.3",
              "versionStartIncluding": "6.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "95A9FD90-38BC-4DDA-AD94-DECD032AF8D9",
              "versionEndExcluding": "6.7.1",
              "versionStartIncluding": "6.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26088AB3-C36F-4157-941C-8F7F7993457C",
              "versionEndExcluding": "7.0.2",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9A70D62-3F36-48FD-B4AC-690C23BCAF8A",
              "versionEndExcluding": "7.1.1",
              "versionStartIncluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FEF8271-315F-4756-931F-015F790BE693",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA241214-2F05-4360-9B50-385355E29CF4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el c\u00f3digo de bateo de Capa 2 de Cisco IOS XR Software que se ejecuta en los routers de Servicios de Agregaci\u00f3n de la serie Cisco ASR 9000 podr\u00eda permitir a un atacante adyacente no autenticado causar el reinicio de la tarjeta de l\u00ednea afectada. Esta vulnerabilidad es debido al manejo incorrecto de determinadas tramas Ethernet que causan un bucle de giro que puede hacer que los procesadores de red no respondan. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tipos espec\u00edficos de tramas Ethernet en el segmento donde est\u00e1n conectadas las tarjetas de l\u00ednea afectadas. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar el reinicio de la tarjeta de l\u00ednea afectada"
    }
  ],
  "id": "CVE-2021-34713",
  "lastModified": "2024-11-21T06:11:01.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-09T05:15:10.810",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-05-16 02:29
Modified
2024-11-21 04:37
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/108363Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108363Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 5.3.3
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xr:5.3.3:sp10:*:*:*:*:*:*",
              "matchCriteriaId": "29539C29-8282-4C0F-A3A7-B3FD823DDEC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F396564E-B477-4A27-A189-CEB737552E25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5445CC54-ACFB-4070-AF26-F91FEAA85181",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, podr\u00eda permitir que un atacante adyacente sin autorizaci\u00f3n active una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al manejo incorrecto de ciertos paquetes OAM de MPLS. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes MPLS OAM maliciosos a un dispositivo afectado. Una explotaci\u00f3n exito  podr\u00eda permitir al atacante causar el bloqueo del proceso lspv_server. el bloqueo podr\u00eda provocar la inestabilidad del sistema y la incapacidad de procesar o reenviar el tr\u00e1fico por medio del dispositivo, resultando en una condici\u00f3n DoS que requiere de la intervenci\u00f3n manual para restablecer las condiciones normales de operaci\u00f3n."
    }
  ],
  "id": "CVE-2019-1846",
  "lastModified": "2024-11-21T04:37:31.273",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-16T02:29:00.437",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108363"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/108363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}