Vulnerabilites related to cisco - asr_9912
CVE-2019-15989 (GCVE-0-2019-15989)
Vulnerability from cvelistv5
Published
2020-01-26 04:30
Modified
2024-11-15 17:46
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.644Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-15989",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T16:22:41.672887Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:46:50.977Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim&rsquo;s BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-754",
                     description: "CWE-754",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-26T04:30:38",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-bgp-dos",
            defect: [
               [
                  "CSCvr69950",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00-0800",
               ID: "CVE-2019-15989",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim&rsquo;s BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-754",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-bgp-dos",
               defect: [
                  [
                     "CSCvr69950",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-15989",
      datePublished: "2020-01-26T04:30:38.252280Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-15T17:46:50.977Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-12709 (GCVE-0-2019-12709)
Vulnerability from cvelistv5
Published
2019-09-25 20:15
Modified
2024-11-20 17:09
Severity ?
6.7 (Medium) - CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privescvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T23:24:39.347Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20190925 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-12709",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-20T16:51:47.819211Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-20T17:09:59.064Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2019-09-25T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-09-25T20:15:34",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20190925 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc",
            },
         ],
         source: {
            advisory: "cisco-sa-20190925-xr-asr9k-privesc",
            defect: [
               [
                  "CSCvo19278",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2019-09-25T16:00:00-0700",
               ID: "CVE-2019-12709",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "6.7",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-78",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20190925 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20190925-xr-asr9k-privesc",
               defect: [
                  [
                     "CSCvo19278",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-12709",
      datePublished: "2019-09-25T20:15:35.015947Z",
      dateReserved: "2019-06-04T00:00:00",
      dateUpdated: "2024-11-20T17:09:59.064Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2018-0418 (GCVE-0-2018-0418)
Vulnerability from cvelistv5
Published
2018-08-15 20:00
Modified
2024-11-26 14:47
Severity ?
Summary
A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858.
References
http://www.securitytracker.com/id/1041538vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/105185vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Systems, Inc. ASR 9000 Series Aggregation Services Router Software Version: unspecified
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T03:21:15.611Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1041538",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1041538",
               },
               {
                  name: "105185",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/105185",
               },
               {
                  name: "20180815 Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2018-0418",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-25T18:53:34.567761Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-26T14:47:23.721Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "ASR 9000 Series Aggregation Services Router Software",
               vendor: "Cisco Systems, Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "unspecified",
                  },
               ],
            },
         ],
         datePublic: "2018-08-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-08-31T09:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "1041538",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1041538",
            },
            {
               name: "105185",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/105185",
            },
            {
               name: "20180815 Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2018-08-15T00:00:00",
               ID: "CVE-2018-0418",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "ASR 9000 Series Aggregation Services Router Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "unspecified",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco Systems, Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-400",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1041538",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1041538",
                  },
                  {
                     name: "105185",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/105185",
                  },
                  {
                     name: "20180815 Cisco ASR 9000 Series Aggregation Services Routers Precision Time Protocol Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2018-0418",
      datePublished: "2018-08-15T20:00:00Z",
      dateReserved: "2017-11-27T00:00:00",
      dateUpdated: "2024-11-26T14:47:23.721Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-16027 (GCVE-0-2019-16027)
Vulnerability from cvelistv5
Published
2020-01-26 04:31
Modified
2024-11-15 17:46
Severity ?
7.7 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Intermediate System&ndash;to&ndash;Intermediate System (IS&ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS&ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS&ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS&ndash;IS process.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.808Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-16027",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T16:30:02.490330Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:46:10.927Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of the Intermediate System&ndash;to&ndash;Intermediate System (IS&ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS&ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS&ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS&ndash;IS process.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.7,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-26T04:31:08",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-dos",
            defect: [
               [
                  "CSCvr62342",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00-0800",
               ID: "CVE-2019-16027",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of the Intermediate System&ndash;to&ndash;Intermediate System (IS&ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS&ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS&ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS&ndash;IS process.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.7",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software Intermediate System–to–Intermediate System Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-dos",
               defect: [
                  [
                     "CSCvr62342",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-16027",
      datePublished: "2020-01-26T04:31:08.495973Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-15T17:46:10.927Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2018-0241 (GCVE-0-2018-0241)
Vulnerability from cvelistv5
Published
2018-04-19 20:00
Modified
2024-11-29 15:16
Severity ?
Summary
A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxrx_refsource_CONFIRM
http://www.securitytracker.com/id/1040710vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/103929vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a Cisco IOS XR Version: Cisco IOS XR
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T03:21:13.891Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr",
               },
               {
                  name: "1040710",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1040710",
               },
               {
                  name: "103929",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/103929",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2018-0241",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-29T14:38:36.573899Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-29T15:16:58.735Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Cisco IOS XR",
                  },
               ],
            },
         ],
         datePublic: "2018-04-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-04-21T09:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr",
            },
            {
               name: "1040710",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1040710",
            },
            {
               name: "103929",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/103929",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2018-0241",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Cisco IOS XR",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr",
                     refsource: "CONFIRM",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr",
                  },
                  {
                     name: "1040710",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1040710",
                  },
                  {
                     name: "103929",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/103929",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2018-0241",
      datePublished: "2018-04-19T20:00:00",
      dateReserved: "2017-11-27T00:00:00",
      dateUpdated: "2024-11-29T15:16:58.735Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2014-3335 (GCVE-0-2014-3335)
Vulnerability from cvelistv5
Published
2014-08-26 10:00
Modified
2024-08-06 10:43
Severity ?
Summary
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/95443vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/69383vdb-entry, x_refsource_BID
http://secunia.com/advisories/60222third-party-advisory, x_refsource_SECUNIA
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335vendor-advisory, x_refsource_CISCO
http://tools.cisco.com/security/center/viewAlert.x?alertId=35416x_refsource_CONFIRM
http://www.securitytracker.com/id/1030757vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T10:43:05.140Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "ciscoios-cve20143335-dos(95443)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95443",
               },
               {
                  name: "69383",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/69383",
               },
               {
                  name: "60222",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/60222",
               },
               {
                  name: "20140825 Cisco IOS XR Software Packet Parsing Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35416",
               },
               {
                  name: "1030757",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1030757",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-08-25T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-08-28T12:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "ciscoios-cve20143335-dos(95443)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95443",
            },
            {
               name: "69383",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/69383",
            },
            {
               name: "60222",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/60222",
            },
            {
               name: "20140825 Cisco IOS XR Software Packet Parsing Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35416",
            },
            {
               name: "1030757",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1030757",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2014-3335",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "ciscoios-cve20143335-dos(95443)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95443",
                  },
                  {
                     name: "69383",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/69383",
                  },
                  {
                     name: "60222",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/60222",
                  },
                  {
                     name: "20140825 Cisco IOS XR Software Packet Parsing Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335",
                  },
                  {
                     name: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35416",
                     refsource: "CONFIRM",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35416",
                  },
                  {
                     name: "1030757",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1030757",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2014-3335",
      datePublished: "2014-08-26T10:00:00",
      dateReserved: "2014-05-07T00:00:00",
      dateUpdated: "2024-08-06T10:43:05.140Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2017-12231 (GCVE-0-2017-12231)
Vulnerability from cvelistv5
Published
2017-09-28 07:00
Modified
2024-11-15 17:58
Severity ?
Summary
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.
References
http://www.securitytracker.com/id/1039449vdb-entry, x_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-natx_refsource_CONFIRM
http://www.securityfocus.com/bid/101039vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a Cisco IOS Version: Cisco IOS
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:28:16.883Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039449",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039449",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat",
               },
               {
                  name: "101039",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101039",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2017-12231",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T17:34:43.023495Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2022-03-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12231",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:58:19.069Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Cisco IOS",
                  },
               ],
            },
         ],
         datePublic: "2017-09-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-29T09:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "1039449",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039449",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat",
            },
            {
               name: "101039",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101039",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2017-12231",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Cisco IOS",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039449",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039449",
                  },
                  {
                     name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat",
                     refsource: "CONFIRM",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat",
                  },
                  {
                     name: "101039",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101039",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2017-12231",
      datePublished: "2017-09-28T07:00:00",
      dateReserved: "2017-08-03T00:00:00",
      dateUpdated: "2024-11-15T17:58:19.069Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2014-2176 (GCVE-0-2014-2176)
Vulnerability from cvelistv5
Published
2014-06-14 10:00
Modified
2024-08-06 10:05
Severity ?
Summary
Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.
References
http://secunia.com/advisories/58722third-party-advisory, x_refsource_SECUNIA
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6vendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/68005vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1030400vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T10:05:59.963Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "58722",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/58722",
               },
               {
                  name: "20140611 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6",
               },
               {
                  name: "68005",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/68005",
               },
               {
                  name: "1030400",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1030400",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-06-11T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2014-06-20T12:57:00",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "58722",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/58722",
            },
            {
               name: "20140611 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6",
            },
            {
               name: "68005",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/68005",
            },
            {
               name: "1030400",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1030400",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2014-2176",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "58722",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/58722",
                  },
                  {
                     name: "20140611 Cisco IOS XR Software IPv6 Malformed Packet Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6",
                  },
                  {
                     name: "68005",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/68005",
                  },
                  {
                     name: "1030400",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1030400",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2014-2176",
      datePublished: "2014-06-14T10:00:00",
      dateReserved: "2014-02-25T00:00:00",
      dateUpdated: "2024-08-06T10:05:59.963Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34737 (GCVE-0-2021-34737)
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Summary
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLUvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.091Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34737",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:54:21.168817Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:00:23.958Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:01:30",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-dhcp-dos-pjPVReLU",
            defect: [
               [
                  "CSCvw95930",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34737",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "5.8",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-476",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-dhcp-dos-pjPVReLU",
               defect: [
                  [
                     "CSCvw95930",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34737",
      datePublished: "2021-09-09T05:01:30.516919Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:00:23.958Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2020-3120 (GCVE-0-2020-3120)
Vulnerability from cvelistv5
Published
2020-02-05 17:50
Modified
2024-11-15 17:42
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dosvendor-advisory, x_refsource_CISCO
http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < 2.3.1.173
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T07:24:00.647Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-3120",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T16:29:31.395421Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:42:14.893Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "2.3.1.173",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-02-05T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "CWE-190",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-02-05T18:06:04",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
            },
         ],
         source: {
            advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
            defect: [
               [
                  "CSCvr14976",
                  "CSCvr15024",
                  "CSCvr15072",
                  "CSCvr15073",
                  "CSCvr15078",
                  "CSCvr15079",
                  "CSCvr15082",
                  "CSCvr15083",
                  "CSCvr15111",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-02-05T16:00:00-0800",
               ID: "CVE-2020-3120",
               STATE: "PUBLIC",
               TITLE: "Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "2.3.1.173",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about the vulnerability that is described in this advisory. Cisco PSIRT is not aware of any malicious use of this vulnerability.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.4",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-190",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200205 Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
               defect: [
                  [
                     "CSCvr14976",
                     "CSCvr15024",
                     "CSCvr15072",
                     "CSCvr15073",
                     "CSCvr15078",
                     "CSCvr15079",
                     "CSCvr15082",
                     "CSCvr15083",
                     "CSCvr15111",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-3120",
      datePublished: "2020-02-05T17:50:18.427416Z",
      dateReserved: "2019-12-12T00:00:00",
      dateUpdated: "2024-11-15T17:42:14.893Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2014-3322 (GCVE-0-2014-3322)
Vulnerability from cvelistv5
Published
2014-07-24 14:00
Modified
2024-08-06 10:43
Severity ?
Summary
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.
References
http://secunia.com/advisories/60311third-party-advisory, x_refsource_SECUNIA
http://www.securitytracker.com/id/1030623vdb-entry, x_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322vendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/68833vdb-entry, x_refsource_BID
http://tools.cisco.com/security/center/viewAlert.x?alertId=35009x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T10:43:05.102Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "60311",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/60311",
               },
               {
                  name: "1030623",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1030623",
               },
               {
                  name: "20140722 Cisco IOS XR Software NetFlow Processing Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322",
               },
               {
                  name: "68833",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/68833",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35009",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-07-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-04T20:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "60311",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/60311",
            },
            {
               name: "1030623",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1030623",
            },
            {
               name: "20140722 Cisco IOS XR Software NetFlow Processing Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322",
            },
            {
               name: "68833",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/68833",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35009",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2014-3322",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "60311",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/60311",
                  },
                  {
                     name: "1030623",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1030623",
                  },
                  {
                     name: "20140722 Cisco IOS XR Software NetFlow Processing Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322",
                  },
                  {
                     name: "68833",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/68833",
                  },
                  {
                     name: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35009",
                     refsource: "CONFIRM",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35009",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2014-3322",
      datePublished: "2014-07-24T14:00:00",
      dateReserved: "2014-05-07T00:00:00",
      dateUpdated: "2024-08-06T10:43:05.102Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-20049 (GCVE-0-2023-20049)
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2024-10-28 16:33
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbTvendor-advisory
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:57:35.607Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20230308 Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-20049",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-28T16:24:40.994516Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-28T16:33:14.713Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software ",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2023-03-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-805",
                     description: "CWE-805",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-03-09T00:00:00",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20230308 Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT",
            },
         ],
         source: {
            advisory: "cisco-sa-bfd-XmRescbT",
            defect: [
               [
                  "CSCwc39336",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2023-20049",
      datePublished: "2023-03-09T00:00:00",
      dateReserved: "2022-10-27T00:00:00",
      dateUpdated: "2024-10-28T16:33:14.713Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2018-15428 (GCVE-0-2018-15428)
Vulnerability from cvelistv5
Published
2018-10-05 14:00
Modified
2024-11-26 14:27
Severity ?
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dosvendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1041790vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T09:54:03.419Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20181003 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos",
               },
               {
                  name: "1041790",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1041790",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2018-15428",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-25T18:47:47.186898Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-26T14:27:41.055Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2018-10-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-07T09:57:02",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20181003 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos",
            },
            {
               name: "1041790",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1041790",
            },
         ],
         source: {
            advisory: "cisco-sa-20181003-iosxr-dos",
            defect: [
               [
                  "CSCvj58445",
               ],
            ],
            discovery: "UNKNOWN",
         },
         title: "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2018-10-03T16:00:00-0500",
               ID: "CVE-2018-15428",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            impact: {
               cvss: {
                  baseScore: "6.8",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20181003 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos",
                  },
                  {
                     name: "1041790",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1041790",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20181003-iosxr-dos",
               defect: [
                  [
                     "CSCvj58445",
                  ],
               ],
               discovery: "UNKNOWN",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2018-15428",
      datePublished: "2018-10-05T14:00:00Z",
      dateReserved: "2018-08-17T00:00:00",
      dateUpdated: "2024-11-26T14:27:41.055Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-16020 (GCVE-0-2019-16020)
Vulnerability from cvelistv5
Published
2020-01-26 04:30
Modified
2024-11-15 17:46
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.663Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-16020",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T16:22:39.249238Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:46:32.554Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-26T04:30:57",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-evpn",
            defect: [
               [
                  "CSCvr74413",
                  "CSCvr74986",
                  "CSCvr80793",
                  "CSCvr83742",
                  "CSCvr84254",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00-0800",
               ID: "CVE-2019-16020",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-evpn",
               defect: [
                  [
                     "CSCvr74413",
                     "CSCvr74986",
                     "CSCvr80793",
                     "CSCvr83742",
                     "CSCvr84254",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-16020",
      datePublished: "2020-01-26T04:30:57.751382Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-15T17:46:32.554Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-1686 (GCVE-0-2019-1686)
Vulnerability from cvelistv5
Published
2019-04-17 21:50
Modified
2024-11-19 19:11
Severity ?
5.8 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Summary
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxraclvendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108026vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < 6.5.2
Version: unspecified   < 6.6.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T18:28:40.969Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20190417 Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl",
               },
               {
                  name: "108026",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/108026",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-1686",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-19T17:24:50.214598Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-19T19:11:39.657Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "6.5.2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
                  {
                     lessThan: "6.6.1",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2019-04-17T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "CWE-284",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-04-23T07:06:04",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20190417 Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl",
            },
            {
               name: "108026",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/108026",
            },
         ],
         source: {
            advisory: "cisco-sa-20190417-iosxracl",
            defect: [
               [
                  "CSCvm01102",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2019-04-17T16:00:00-0700",
               ID: "CVE-2019-1686",
               STATE: "PUBLIC",
               TITLE: "Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_value: "6.5.2",
                                       },
                                       {
                                          version_affected: "<",
                                          version_value: "6.6.1",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "5.8",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-284",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20190417 Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl",
                  },
                  {
                     name: "108026",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/108026",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20190417-iosxracl",
               defect: [
                  [
                     "CSCvm01102",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-1686",
      datePublished: "2019-04-17T21:50:21.580813Z",
      dateReserved: "2018-12-06T00:00:00",
      dateUpdated: "2024-11-19T19:11:39.657Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-1909 (GCVE-0-2019-1909)
Vulnerability from cvelistv5
Published
2019-07-06 01:20
Modified
2024-11-21 19:19
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dosvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < 6.4.2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T18:35:52.025Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20190703 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-1909",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T18:57:54.713683Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T19:19:47.050Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "6.4.2",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2019-07-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "HIGH",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-07-06T01:20:14",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20190703 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos",
            },
         ],
         source: {
            advisory: "cisco-sa-20190703-iosxr-bgp-dos",
            defect: [
               [
                  "CSCvo90073",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2019-07-03T16:00:00-0700",
               ID: "CVE-2019-1909",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "6.4.2",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "6.8",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20190703 Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20190703-iosxr-bgp-dos",
               defect: [
                  [
                     "CSCvo90073",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-1909",
      datePublished: "2019-07-06T01:20:14.693033Z",
      dateReserved: "2018-12-06T00:00:00",
      dateUpdated: "2024-11-21T19:19:47.050Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2020-26070 (GCVE-0-2020-26070)
Vulnerability from cvelistv5
Published
2020-11-12 02:05
Modified
2024-11-13 17:40
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QYvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T15:49:06.682Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20201110 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-26070",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T17:12:05.316184Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T17:40:55.842Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-11-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-404",
                     description: "CWE-404",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-11-12T02:05:13",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20201110 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY",
            },
         ],
         source: {
            advisory: "cisco-sa-xr-cp-dos-ej8VB9QY",
            defect: [
               [
                  "CSCvv09115",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-11-10T16:00:00",
               ID: "CVE-2020-26070",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-404",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20201110 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-xr-cp-dos-ej8VB9QY",
               defect: [
                  [
                     "CSCvv09115",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-26070",
      datePublished: "2020-11-12T02:05:13.841123Z",
      dateReserved: "2020-09-24T00:00:00",
      dateUpdated: "2024-11-13T17:40:55.842Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34719 (GCVE-0-2021-34719)
Vulnerability from cvelistv5
Published
2021-09-09 05:00
Modified
2024-11-07 22:00
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.125Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34719",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:43:13.784833Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:00:55.836Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:00:53",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-privescal-dZYMrKf",
            defect: [
               [
                  "CSCvx48004",
                  "CSCvx48007",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34719",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.8",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-78",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-privescal-dZYMrKf",
               defect: [
                  [
                     "CSCvx48004",
                     "CSCvx48007",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34719",
      datePublished: "2021-09-09T05:00:53.764430Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:00:55.836Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-20066 (GCVE-0-2023-20066)
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-25 16:02
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9Vvendor-advisory
Impacted products
Vendor Product Version
Cisco Cisco IOS XE Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:57:35.555Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20230322 Cisco IOS XE Software Web UI Path Traversal Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-20066",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-25T14:36:10.650206Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-25T16:02:41.984Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XE Software ",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2023-03-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-23",
                     description: "CWE-23",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-03-23T00:00:00",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20230322 Cisco IOS XE Software Web UI Path Traversal Vulnerability",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V",
            },
         ],
         source: {
            advisory: "cisco-sa-webui-pthtrv-es7GSb9V",
            defect: [
               [
                  "CSCwc76009",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XE Software Web UI Path Traversal Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2023-20066",
      datePublished: "2023-03-23T00:00:00",
      dateReserved: "2022-10-27T00:00:00",
      dateUpdated: "2024-10-25T16:02:41.984Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-20065 (GCVE-0-2023-20065)
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-08-02 08:57
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk
Impacted products
Vendor Product Version
Cisco Cisco IOS XE Software Version: 16.4.1
Version: 16.4.2
Version: 16.4.3
Version: 17.3.1
Version: 17.3.2
Version: 17.3.3
Version: 17.3.1a
Version: 17.3.1w
Version: 17.3.2a
Version: 17.3.1x
Version: 17.3.1z
Version: 17.3.4
Version: 17.3.5
Version: 17.3.4a
Version: 17.3.6
Version: 17.3.4b
Version: 17.3.4c
Version: 17.3.5a
Version: 17.3.5b
Version: 17.4.1
Version: 17.4.2
Version: 17.4.1a
Version: 17.4.1b
Version: 17.4.2a
Version: 17.5.1
Version: 17.5.1a
Version: 17.5.1b
Version: 17.5.1c
Version: 17.6.1
Version: 17.6.2
Version: 17.6.1w
Version: 17.6.1a
Version: 17.6.1x
Version: 17.6.3
Version: 17.6.1y
Version: 17.6.1z
Version: 17.6.3a
Version: 17.6.4
Version: 17.6.1z1
Version: 17.7.1
Version: 17.7.1a
Version: 17.7.1b
Version: 17.7.2
Version: 17.8.1
Version: 17.8.1a
Version: 17.9.1
Version: 17.9.1w
Version: 17.9.2
Version: 17.9.1a
Version: 17.9.2a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:57:35.585Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "cisco-sa-iox-priv-escalate-Xg8zkyPk",
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XE Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "16.4.1",
                  },
                  {
                     status: "affected",
                     version: "16.4.2",
                  },
                  {
                     status: "affected",
                     version: "16.4.3",
                  },
                  {
                     status: "affected",
                     version: "17.3.1",
                  },
                  {
                     status: "affected",
                     version: "17.3.2",
                  },
                  {
                     status: "affected",
                     version: "17.3.3",
                  },
                  {
                     status: "affected",
                     version: "17.3.1a",
                  },
                  {
                     status: "affected",
                     version: "17.3.1w",
                  },
                  {
                     status: "affected",
                     version: "17.3.2a",
                  },
                  {
                     status: "affected",
                     version: "17.3.1x",
                  },
                  {
                     status: "affected",
                     version: "17.3.1z",
                  },
                  {
                     status: "affected",
                     version: "17.3.4",
                  },
                  {
                     status: "affected",
                     version: "17.3.5",
                  },
                  {
                     status: "affected",
                     version: "17.3.4a",
                  },
                  {
                     status: "affected",
                     version: "17.3.6",
                  },
                  {
                     status: "affected",
                     version: "17.3.4b",
                  },
                  {
                     status: "affected",
                     version: "17.3.4c",
                  },
                  {
                     status: "affected",
                     version: "17.3.5a",
                  },
                  {
                     status: "affected",
                     version: "17.3.5b",
                  },
                  {
                     status: "affected",
                     version: "17.4.1",
                  },
                  {
                     status: "affected",
                     version: "17.4.2",
                  },
                  {
                     status: "affected",
                     version: "17.4.1a",
                  },
                  {
                     status: "affected",
                     version: "17.4.1b",
                  },
                  {
                     status: "affected",
                     version: "17.4.2a",
                  },
                  {
                     status: "affected",
                     version: "17.5.1",
                  },
                  {
                     status: "affected",
                     version: "17.5.1a",
                  },
                  {
                     status: "affected",
                     version: "17.5.1b",
                  },
                  {
                     status: "affected",
                     version: "17.5.1c",
                  },
                  {
                     status: "affected",
                     version: "17.6.1",
                  },
                  {
                     status: "affected",
                     version: "17.6.2",
                  },
                  {
                     status: "affected",
                     version: "17.6.1w",
                  },
                  {
                     status: "affected",
                     version: "17.6.1a",
                  },
                  {
                     status: "affected",
                     version: "17.6.1x",
                  },
                  {
                     status: "affected",
                     version: "17.6.3",
                  },
                  {
                     status: "affected",
                     version: "17.6.1y",
                  },
                  {
                     status: "affected",
                     version: "17.6.1z",
                  },
                  {
                     status: "affected",
                     version: "17.6.3a",
                  },
                  {
                     status: "affected",
                     version: "17.6.4",
                  },
                  {
                     status: "affected",
                     version: "17.6.1z1",
                  },
                  {
                     status: "affected",
                     version: "17.7.1",
                  },
                  {
                     status: "affected",
                     version: "17.7.1a",
                  },
                  {
                     status: "affected",
                     version: "17.7.1b",
                  },
                  {
                     status: "affected",
                     version: "17.7.2",
                  },
                  {
                     status: "affected",
                     version: "17.8.1",
                  },
                  {
                     status: "affected",
                     version: "17.8.1a",
                  },
                  {
                     status: "affected",
                     version: "17.9.1",
                  },
                  {
                     status: "affected",
                     version: "17.9.1w",
                  },
                  {
                     status: "affected",
                     version: "17.9.2",
                  },
                  {
                     status: "affected",
                     version: "17.9.1a",
                  },
                  {
                     status: "affected",
                     version: "17.9.2a",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. \r\n\r This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "Improper Access Control",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-01-25T16:57:40.501Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-iox-priv-escalate-Xg8zkyPk",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk",
            },
         ],
         source: {
            advisory: "cisco-sa-iox-priv-escalate-Xg8zkyPk",
            defects: [
               "CSCwd25783",
            ],
            discovery: "EXTERNAL",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2023-20065",
      datePublished: "2023-03-23T00:00:00",
      dateReserved: "2022-10-27T00:00:00",
      dateUpdated: "2024-08-02T08:57:35.585Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34713 (GCVE-0-2021-34713)
Vulnerability from cvelistv5
Published
2021-09-09 05:00
Modified
2024-11-07 22:01
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFDvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.108Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34713",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:40:45.646027Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:01:10.190Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:00:33",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD",
            },
         ],
         source: {
            advisory: "cisco-sa-npspin-QYpwdhFD",
            defect: [
               [
                  "CSCvq33187",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34713",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.4",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-npspin-QYpwdhFD",
               defect: [
                  [
                     "CSCvq33187",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34713",
      datePublished: "2021-09-09T05:00:33.935977Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:01:10.190Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34728 (GCVE-0-2021-34728)
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.161Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34728",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:43:09.558894Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:00:30.308Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:01:25",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-privescal-dZYMrKf",
            defect: [
               [
                  "CSCvx48004",
                  "CSCvx48007",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34728",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.8",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-78",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-privescal-dZYMrKf",
               defect: [
                  [
                     "CSCvx48004",
                     "CSCvx48007",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34728",
      datePublished: "2021-09-09T05:01:25.148942Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:00:30.308Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2020-3530 (GCVE-0-2020-3530)
Vulnerability from cvelistv5
Published
2020-09-04 02:25
Modified
2024-11-13 18:08
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqvvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T07:37:54.667Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200902 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-3530",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T17:24:12.678128Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T18:08:33.006Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-09-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 8.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-264",
                     description: "CWE-264",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-04T02:25:40",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200902 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-cli-privescl-sDVEmhqv",
            defect: [
               [
                  "CSCvu79978",
                  "CSCvu99038",
                  "CSCvv05925",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-09-02T16:00:00",
               ID: "CVE-2020-3530",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.4",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-264",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200902 Cisco IOS XR Authenticated User Privilege Escalation Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-cli-privescl-sDVEmhqv",
               defect: [
                  [
                     "CSCvu79978",
                     "CSCvu99038",
                     "CSCvv05925",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-3530",
      datePublished: "2020-09-04T02:25:40.623334Z",
      dateReserved: "2019-12-12T00:00:00",
      dateUpdated: "2024-11-13T18:08:33.006Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2015-0695 (GCVE-0-2015-0695)
Vulnerability from cvelistv5
Published
2015-04-17 01:00
Modified
2024-08-06 04:17
Severity ?
Summary
Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.
References
http://www.securitytracker.com/id/1032139vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/74162vdb-entry, x_refsource_BID
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxrvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T04:17:32.588Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1032139",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032139",
               },
               {
                  name: "74162",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/74162",
               },
               {
                  name: "20150415 Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-04-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-30T16:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "1032139",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1032139",
            },
            {
               name: "74162",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/74162",
            },
            {
               name: "20150415 Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-0695",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1032139",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1032139",
                  },
                  {
                     name: "74162",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/74162",
                  },
                  {
                     name: "20150415 Cisco IOS XR Software BVI Routed Packet Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-0695",
      datePublished: "2015-04-17T01:00:00",
      dateReserved: "2015-01-07T00:00:00",
      dateUpdated: "2024-08-06T04:17:32.588Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34718 (GCVE-0-2021-34718)
Vulnerability from cvelistv5
Published
2021-09-09 05:00
Modified
2024-11-07 22:01
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.124Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34718",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:43:15.314953Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:01:03.620Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-88",
                     description: "CWE-88",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:00:43",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-scp-inject-QwZOCv2",
            defect: [
               [
                  "CSCvx48017",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34718",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.1",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-88",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software Arbitrary File Read and Write Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-scp-inject-QwZOCv2",
               defect: [
                  [
                     "CSCvx48017",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34718",
      datePublished: "2021-09-09T05:00:43.820831Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:01:03.620Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-16021 (GCVE-0-2019-16021)
Vulnerability from cvelistv5
Published
2020-09-23 00:26
Modified
2024-11-13 18:04
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.890Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-16021",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T17:12:57.874309Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T18:04:37.933Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-23T00:26:26",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-evpn",
            defect: [
               [
                  "CSCvr74413",
                  "CSCvr74986",
                  "CSCvr80793",
                  "CSCvr83742",
                  "CSCvr84254",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00",
               ID: "CVE-2019-16021",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-evpn",
               defect: [
                  [
                     "CSCvr74413",
                     "CSCvr74986",
                     "CSCvr80793",
                     "CSCvr83742",
                     "CSCvr84254",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-16021",
      datePublished: "2020-09-23T00:26:27.077617Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-13T18:04:37.933Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2020-3566 (GCVE-0-2020-3566)
Vulnerability from cvelistv5
Published
2020-08-29 15:15
Modified
2024-11-08 16:09
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T07:37:55.511Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-3566",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T16:09:11.203941Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2021-11-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3566",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-08T16:09:30.061Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-08-29T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer’s environment.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-08-29T15:15:13",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
            defect: [
               [
                  "CSCvv54838",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-08-29T03:00:00",
               ID: "CVE-2020-3566",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of this vulnerability in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer’s environment.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-400",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
               defect: [
                  [
                     "CSCvv54838",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-3566",
      datePublished: "2020-08-29T15:15:13.627473Z",
      dateReserved: "2019-12-12T00:00:00",
      dateUpdated: "2024-11-08T16:09:30.061Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2017-12240 (GCVE-0-2017-12240)
Vulnerability from cvelistv5
Published
2017-09-28 07:00
Modified
2024-11-15 17:56
Severity ?
Summary
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.
References
https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959x_refsource_CONFIRM
https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390x_refsource_CONFIRM
http://www.securityfocus.com/bid/101034vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcpx_refsource_CONFIRM
http://www.securitytracker.com/id/1039445vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a Cisco IOS and IOS XE Version: Cisco IOS and IOS XE
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:28:16.785Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390",
               },
               {
                  name: "101034",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101034",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp",
               },
               {
                  name: "1039445",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039445",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2017-12240",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T16:05:13.721131Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2022-03-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2017-12240",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:56:33.432Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS and IOS XE",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Cisco IOS and IOS XE",
                  },
               ],
            },
         ],
         datePublic: "2017-09-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-29T09:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390",
            },
            {
               name: "101034",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101034",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp",
            },
            {
               name: "1039445",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039445",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2017-12240",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS and IOS XE",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Cisco IOS and IOS XE",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959",
                     refsource: "CONFIRM",
                     url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959",
                  },
                  {
                     name: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390",
                     refsource: "CONFIRM",
                     url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390",
                  },
                  {
                     name: "101034",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101034",
                  },
                  {
                     name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp",
                     refsource: "CONFIRM",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp",
                  },
                  {
                     name: "1039445",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039445",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2017-12240",
      datePublished: "2017-09-28T07:00:00",
      dateReserved: "2017-08-03T00:00:00",
      dateUpdated: "2024-11-15T17:56:33.432Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2022-20677 (GCVE-0-2022-20677)
Vulnerability from cvelistv5
Published
2022-04-15 14:16
Modified
2024-11-06 16:25
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
Summary
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFjvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T02:17:52.949Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-20677",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-06T15:58:59.031676Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-06T16:25:32.069Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2022-04-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-22",
                     description: "CWE-22",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-04-15T14:16:46",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj",
            },
         ],
         source: {
            advisory: "cisco-sa-iox-yuXQ6hFj",
            defect: [
               [
                  "CSCvx27640",
                  "CSCvy16608",
                  "CSCvy30903",
                  "CSCvy30957",
                  "CSCvy35913",
                  "CSCvy35914",
                  "CSCvy86583",
                  "CSCvy86598",
                  "CSCvy86602",
                  "CSCvy86603",
                  "CSCvy86604",
                  "CSCvy86608",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOx Application Hosting Environment Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2022-04-13T16:00:00",
               ID: "CVE-2022-20677",
               STATE: "PUBLIC",
               TITLE: "Cisco IOx Application Hosting Environment Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "5.5",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-22",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iox-yuXQ6hFj",
               defect: [
                  [
                     "CSCvx27640",
                     "CSCvy16608",
                     "CSCvy30903",
                     "CSCvy30957",
                     "CSCvy35913",
                     "CSCvy35914",
                     "CSCvy86583",
                     "CSCvy86598",
                     "CSCvy86602",
                     "CSCvy86603",
                     "CSCvy86604",
                     "CSCvy86608",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2022-20677",
      datePublished: "2022-04-15T14:16:46.734986Z",
      dateReserved: "2021-11-02T00:00:00",
      dateUpdated: "2024-11-06T16:25:32.069Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34721 (GCVE-0-2021-34721)
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.110Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34721",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:43:12.552835Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:00:42.833Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:01:13",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
            defect: [
               [
                  "CSCvx48001",
                  "CSCvx48002",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Command Injection Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34721",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Command Injection Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "6.7",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-78",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
               defect: [
                  [
                     "CSCvx48001",
                     "CSCvx48002",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34721",
      datePublished: "2021-09-09T05:01:13.579483Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:00:42.833Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2020-3569 (GCVE-0-2020-3569)
Vulnerability from cvelistv5
Published
2020-09-23 00:25
Modified
2024-11-08 16:09
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T07:37:55.472Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-3569",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T16:08:35.328890Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2021-11-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3569",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-08T16:09:50.094Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-08-29T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer’s environment.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-23T00:25:17",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
            defect: [
               [
                  "CSCvr86414",
                  "CSCvv54838",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-08-29T03:00:00",
               ID: "CVE-2020-3569",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild. For affected products, Cisco recommends implementing a mitigation that is appropriate for the customer’s environment.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-400",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200829 Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
               defect: [
                  [
                     "CSCvr86414",
                     "CSCvv54838",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-3569",
      datePublished: "2020-09-23T00:25:17.287176Z",
      dateReserved: "2019-12-12T00:00:00",
      dateUpdated: "2024-11-08T16:09:50.094Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2020-3118 (GCVE-0-2020-3118)
Vulnerability from cvelistv5
Published
2020-02-05 17:40
Modified
2024-11-08 16:12
Severity ?
8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rcevendor-advisory, x_refsource_CISCO
http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlx_refsource_MISC
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < 6.6.3
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T07:24:00.571Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200205 Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2020-3118",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T16:12:28.712809Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2021-11-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2020-3118",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-08T16:12:42.862Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "6.6.3",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-02-05T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-134",
                     description: "CWE-134",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-02-05T18:06:04",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200205 Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
            },
         ],
         source: {
            advisory: "cisco-sa-20200205-iosxr-cdp-rce",
            defect: [
               [
                  "CSCvr09190",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-02-05T16:00:00-0800",
               ID: "CVE-2020-3118",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "6.6.3",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is aware of public announcements about this vulnerability. Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.8",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-134",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200205 Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200205-iosxr-cdp-rce",
               defect: [
                  [
                     "CSCvr09190",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2020-3118",
      datePublished: "2020-02-05T17:40:16.080703Z",
      dateReserved: "2019-12-12T00:00:00",
      dateUpdated: "2024-11-08T16:12:42.862Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-1846 (GCVE-0-2019-1846)
Vulnerability from cvelistv5
Published
2019-05-16 01:20
Modified
2024-11-21 19:23
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dosvendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108363vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T18:28:42.819Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20190515 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos",
               },
               {
                  name: "108363",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/108363",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-1846",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T18:58:19.418046Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T19:23:38.523Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2019-05-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-05-17T12:06:06",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20190515 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos",
            },
            {
               name: "108363",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/108363",
            },
         ],
         source: {
            advisory: "cisco-sa-20190515-iosxr-mpls-dos",
            defect: [
               [
                  "CSCvk63685",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2019-05-15T16:00:00-0700",
               ID: "CVE-2019-1846",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.4",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20190515 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers MPLS OAM Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos",
                  },
                  {
                     name: "108363",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/108363",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20190515-iosxr-mpls-dos",
               defect: [
                  [
                     "CSCvk63685",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-1846",
      datePublished: "2019-05-16T01:20:47.585647Z",
      dateReserved: "2018-12-06T00:00:00",
      dateUpdated: "2024-11-21T19:23:38.523Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-16018 (GCVE-0-2019-16018)
Vulnerability from cvelistv5
Published
2020-01-26 04:30
Modified
2024-11-15 17:46
Severity ?
7.4 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes&rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routesvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.796Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-16018",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T16:30:06.960997Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:46:42.156Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes&rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "REQUIRED",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-26T04:30:47",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-routes",
            defect: [
               [
                  "CSCvr74902",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00-0800",
               ID: "CVE-2019-16018",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes&rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "7.4",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software EVPN Operational Routes Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-routes",
               defect: [
                  [
                     "CSCvr74902",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-16018",
      datePublished: "2020-01-26T04:30:48.072294Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-15T17:46:42.156Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2015-4284 (GCVE-0-2015-4284)
Vulnerability from cvelistv5
Published
2015-07-22 14:00
Modified
2024-08-06 06:11
Severity ?
Summary
The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.
References
http://www.securityfocus.com/bid/75980vdb-entry, x_refsource_BID
http://tools.cisco.com/security/center/viewAlert.x?alertId=40067vendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1033017vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T06:11:12.129Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "75980",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/75980",
               },
               {
                  name: "20150721 Cisco IOS XR Concurrent Data Management Replication Process BGP Process Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40067",
               },
               {
                  name: "1033017",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033017",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-07-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-20T09:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "75980",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/75980",
            },
            {
               name: "20150721 Cisco IOS XR Concurrent Data Management Replication Process BGP Process Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40067",
            },
            {
               name: "1033017",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1033017",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-4284",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "75980",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/75980",
                  },
                  {
                     name: "20150721 Cisco IOS XR Concurrent Data Management Replication Process BGP Process Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40067",
                  },
                  {
                     name: "1033017",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1033017",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-4284",
      datePublished: "2015-07-22T14:00:00",
      dateReserved: "2015-06-04T00:00:00",
      dateUpdated: "2024-08-06T06:11:12.129Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-15998 (GCVE-0-2019-15998)
Vulnerability from cvelistv5
Published
2019-11-26 03:41
Modified
2024-11-19 18:51
Severity ?
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypassvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.726Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20191120 Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-15998",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-19T17:22:25.597127Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-19T18:51:44.429Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2019-11-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-284",
                     description: "CWE-284",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-11-26T03:41:32",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20191120 Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass",
            },
         ],
         source: {
            advisory: "cisco-sa-20191120-iosxr-ssh-bypass",
            defect: [
               [
                  "CSCvp91299",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2019-11-20T16:00:00-0800",
               ID: "CVE-2019-15998",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "5.3",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-284",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20191120 Cisco IOS XR Software NETCONF Over Secure Shell ACL Bypass Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20191120-iosxr-ssh-bypass",
               defect: [
                  [
                     "CSCvp91299",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-15998",
      datePublished: "2019-11-26T03:41:32.678014Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-19T18:51:44.429Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-1842 (GCVE-0-2019-1842)
Vulnerability from cvelistv5
Published
2019-06-05 16:20
Modified
2024-11-21 19:23
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-sshvendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/108687vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < 6.1.4
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T18:28:42.866Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20190605 Cisco IOS XR Software Secure Shell Authentication Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh",
               },
               {
                  name: "108687",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/108687",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-1842",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-21T18:58:16.687085Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-21T19:23:06.717Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "6.1.4",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2019-06-05T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "NONE",
                  baseScore: 5.4,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-285",
                     description: "CWE-285",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-06-10T07:06:04",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20190605 Cisco IOS XR Software Secure Shell Authentication Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh",
            },
            {
               name: "108687",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/108687",
            },
         ],
         source: {
            advisory: "cisco-sa-20190605-iosxr-ssh",
            defect: [
               [
                  "CSCvo03672",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Secure Shell Authentication Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2019-06-05T16:00:00-0700",
               ID: "CVE-2019-1842",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Secure Shell Authentication Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "6.1.4",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "5.4",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-285",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20190605 Cisco IOS XR Software Secure Shell Authentication Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh",
                  },
                  {
                     name: "108687",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/108687",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20190605-iosxr-ssh",
               defect: [
                  [
                     "CSCvo03672",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-1842",
      datePublished: "2019-06-05T16:20:15.262993Z",
      dateReserved: "2018-12-06T00:00:00",
      dateUpdated: "2024-11-21T19:23:06.717Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34722 (GCVE-0-2021-34722)
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.254Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34722",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:43:10.838609Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:00:36.407Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-78",
                     description: "CWE-78",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:01:19",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
            defect: [
               [
                  "CSCvx48001",
                  "CSCvx48002",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Command Injection Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34722",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software Command Injection Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "6.7",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-78",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software Command Injection Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxr-cmd-inj-wbZKvPxc",
               defect: [
                  [
                     "CSCvx48001",
                     "CSCvx48002",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34722",
      datePublished: "2021-09-09T05:01:20.026571Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:00:36.407Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2015-6301 (GCVE-0-2015-6301)
Vulnerability from cvelistv5
Published
2015-09-20 14:00
Modified
2024-08-06 07:15
Severity ?
Summary
The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=41101vendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1033623vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T07:15:13.293Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20150918 Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41101",
               },
               {
                  name: "1033623",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033623",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-09-18T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-20T16:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20150918 Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41101",
            },
            {
               name: "1033623",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1033623",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-6301",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20150918 Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41101",
                  },
                  {
                     name: "1033623",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1033623",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-6301",
      datePublished: "2015-09-20T14:00:00",
      dateReserved: "2015-08-17T00:00:00",
      dateUpdated: "2024-08-06T07:15:13.293Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2015-0694 (GCVE-0-2015-0694)
Vulnerability from cvelistv5
Published
2015-04-11 01:00
Modified
2024-08-06 04:17
Severity ?
Summary
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=38292vendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1032059vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T04:17:32.821Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20150409 Cisco Aggregate Services Router 9000 ASR9K Security Bypass Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38292",
               },
               {
                  name: "1032059",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032059",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-04-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2015-04-16T17:57:00",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20150409 Cisco Aggregate Services Router 9000 ASR9K Security Bypass Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38292",
            },
            {
               name: "1032059",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1032059",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-0694",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20150409 Cisco Aggregate Services Router 9000 ASR9K Security Bypass Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38292",
                  },
                  {
                     name: "1032059",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1032059",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-0694",
      datePublished: "2015-04-11T01:00:00",
      dateReserved: "2015-01-07T00:00:00",
      dateUpdated: "2024-08-06T04:17:32.821Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2014-3396 (GCVE-0-2014-3396)
Vulnerability from cvelistv5
Published
2014-10-05 01:00
Modified
2024-08-06 10:43
Severity ?
Summary
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T10:43:05.546Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20141003 Cisco IOS XR Software Compression ACL Bypass Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-10-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2014-10-05T01:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20141003 Cisco IOS XR Software Compression ACL Bypass Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2014-3396",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20141003 Cisco IOS XR Software Compression ACL Bypass Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2014-3396",
      datePublished: "2014-10-05T01:00:00",
      dateReserved: "2014-05-07T00:00:00",
      dateUpdated: "2024-08-06T10:43:05.546Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-16019 (GCVE-0-2019-16019)
Vulnerability from cvelistv5
Published
2020-09-23 00:26
Modified
2024-11-13 18:04
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.650Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-16019",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T17:12:56.795158Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T18:04:28.358Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-23T00:26:31",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-evpn",
            defect: [
               [
                  "CSCvr74413",
                  "CSCvr74986",
                  "CSCvr80793",
                  "CSCvr83742",
                  "CSCvr84254",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00",
               ID: "CVE-2019-16019",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-evpn",
               defect: [
                  [
                     "CSCvr74413",
                     "CSCvr74986",
                     "CSCvr80793",
                     "CSCvr83742",
                     "CSCvr84254",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-16019",
      datePublished: "2020-09-23T00:26:31.511247Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-13T18:04:28.358Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-20064 (GCVE-0-2023-20064)
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2024-10-25 16:03
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fqvendor-advisory
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T08:57:35.558Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20230308 Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-20064",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-10-25T14:36:23.610206Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-25T16:03:12.091Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software ",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2023-03-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "PHYSICAL",
                  availabilityImpact: "NONE",
                  baseScore: 4.6,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-862",
                     description: "CWE-862",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2023-03-09T00:00:00",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20230308 Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-load-infodisc-9rdOr5Fq",
            defect: [
               [
                  "CSCvz42457",
                  "CSCwc97332",
                  "CSCwd61802",
                  "CSCwd61820",
                  "CSCwd79460",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability",
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2023-20064",
      datePublished: "2023-03-09T00:00:00",
      dateReserved: "2022-10-27T00:00:00",
      dateUpdated: "2024-10-25T16:03:12.091Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-16022 (GCVE-0-2019-16022)
Vulnerability from cvelistv5
Published
2020-01-26 04:31
Modified
2024-11-15 17:46
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: unspecified   < n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.825Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-16022",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-15T16:22:37.501287Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-15T17:46:21.678Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     lessThan: "n/a",
                     status: "affected",
                     version: "unspecified",
                     versionType: "custom",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-26T04:31:02",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-evpn",
            defect: [
               [
                  "CSCvr74413",
                  "CSCvr74986",
                  "CSCvr80793",
                  "CSCvr83742",
                  "CSCvr84254",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00-0800",
               ID: "CVE-2019-16022",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          affected: "<",
                                          version_affected: "<",
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-evpn",
               defect: [
                  [
                     "CSCvr74413",
                     "CSCvr74986",
                     "CSCvr80793",
                     "CSCvr83742",
                     "CSCvr84254",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-16022",
      datePublished: "2020-01-26T04:31:03.023685Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-15T17:46:21.678Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2022-20848 (GCVE-0-2022-20848)
Vulnerability from cvelistv5
Published
2022-09-30 18:45
Modified
2024-11-01 18:50
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNzvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XE Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T02:24:49.940Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20220928 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-20848",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-01T18:43:52.111733Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-01T18:50:52.282Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XE Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2022-09-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-09-30T18:45:59",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20220928 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz",
            },
         ],
         source: {
            advisory: "cisco-sa-wlc-udp-dos-XDyEwhNz",
            defect: [
               [
                  "CSCwb18118",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2022-09-28T23:00:00",
               ID: "CVE-2022-20848",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XE Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20220928 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points UDP Processing Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-wlc-udp-dos-XDyEwhNz",
               defect: [
                  [
                     "CSCwb18118",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2022-20848",
      datePublished: "2022-09-30T18:45:59.665856Z",
      dateReserved: "2021-11-02T00:00:00",
      dateUpdated: "2024-11-01T18:50:52.282Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2015-6297 (GCVE-0-2015-6297)
Vulnerability from cvelistv5
Published
2015-09-18 22:00
Modified
2024-08-06 07:15
Severity ?
Summary
The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=41060vendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1033614vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T07:15:13.297Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20150918 Cisco IOS Software DHCPv6 Server Implementation Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41060",
               },
               {
                  name: "1033614",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1033614",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-09-18T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-20T16:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20150918 Cisco IOS Software DHCPv6 Server Implementation Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41060",
            },
            {
               name: "1033614",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1033614",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-6297",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20150918 Cisco IOS Software DHCPv6 Server Implementation Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41060",
                  },
                  {
                     name: "1033614",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1033614",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-6297",
      datePublished: "2015-09-18T22:00:00",
      dateReserved: "2015-08-17T00:00:00",
      dateUpdated: "2024-08-06T07:15:13.297Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2016-1407 (GCVE-0-2016-1407)
Vulnerability from cvelistv5
Published
2016-05-25 01:00
Modified
2024-08-05 22:55
Severity ?
Summary
Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xrvendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1035934vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:55:14.376Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20160519 Cisco IOS XR LPTS Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr",
               },
               {
                  name: "1035934",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1035934",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-29T16:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20160519 Cisco IOS XR LPTS Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr",
            },
            {
               name: "1035934",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1035934",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2016-1407",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20160519 Cisco IOS XR LPTS Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr",
                  },
                  {
                     name: "1035934",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1035934",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2016-1407",
      datePublished: "2016-05-25T01:00:00",
      dateReserved: "2016-01-04T00:00:00",
      dateUpdated: "2024-08-05T22:55:14.376Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2015-4205 (GCVE-0-2015-4205)
Vulnerability from cvelistv5
Published
2015-06-23 14:00
Modified
2024-08-06 06:04
Severity ?
Summary
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.
References
http://www.securityfocus.com/bid/75352vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1032691vdb-entry, x_refsource_SECTRACK
http://tools.cisco.com/security/center/viewAlert.x?alertId=39455vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T06:04:03.244Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "75352",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/75352",
               },
               {
                  name: "1032691",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1032691",
               },
               {
                  name: "20150622 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39455",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-06-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-23T18:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "75352",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/75352",
            },
            {
               name: "1032691",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1032691",
            },
            {
               name: "20150622 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39455",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-4205",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "75352",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/75352",
                  },
                  {
                     name: "1032691",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1032691",
                  },
                  {
                     name: "20150622 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39455",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-4205",
      datePublished: "2015-06-23T14:00:00",
      dateReserved: "2015-06-04T00:00:00",
      dateUpdated: "2024-08-06T06:04:03.244Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2018-0136 (GCVE-0-2018-0136)
Vulnerability from cvelistv5
Published
2018-01-31 20:00
Modified
2024-12-02 21:24
Severity ?
Summary
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.
References
http://www.securityfocus.com/bid/102905vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6x_refsource_CONFIRM
http://www.securitytracker.com/id/1040315vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a Cisco Aggregation Services Router 9000 Series Version: Cisco Aggregation Services Router 9000 Series
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T03:14:16.885Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "102905",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/102905",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6",
               },
               {
                  name: "1040315",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1040315",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2018-0136",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-12-02T19:11:34.315844Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-12-02T21:24:47.666Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco Aggregation Services Router 9000 Series",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Cisco Aggregation Services Router 9000 Series",
                  },
               ],
            },
         ],
         datePublic: "2018-01-31T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-20",
                     description: "CWE-20",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-02-03T10:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "102905",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/102905",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6",
            },
            {
               name: "1040315",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1040315",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2018-0136",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco Aggregation Services Router 9000 Series",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Cisco Aggregation Services Router 9000 Series",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-20",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "102905",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/102905",
                  },
                  {
                     name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6",
                     refsource: "CONFIRM",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6",
                  },
                  {
                     name: "1040315",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1040315",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2018-0136",
      datePublished: "2018-01-31T20:00:00",
      dateReserved: "2017-11-27T00:00:00",
      dateUpdated: "2024-12-02T21:24:47.666Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2014-3321 (GCVE-0-2014-3321)
Vulnerability from cvelistv5
Published
2014-07-18 01:00
Modified
2024-08-06 10:43
Severity ?
Summary
Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=34936x_refsource_CONFIRM
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321vendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1030597vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T10:43:05.197Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34936",
               },
               {
                  name: "20140715 Cisco IOS XR Software MPLS Packet Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321",
               },
               {
                  name: "1030597",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1030597",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-07-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-04T20:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34936",
            },
            {
               name: "20140715 Cisco IOS XR Software MPLS Packet Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321",
            },
            {
               name: "1030597",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1030597",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2014-3321",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34936",
                     refsource: "CONFIRM",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34936",
                  },
                  {
                     name: "20140715 Cisco IOS XR Software MPLS Packet Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321",
                  },
                  {
                     name: "1030597",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1030597",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2014-3321",
      datePublished: "2014-07-18T01:00:00",
      dateReserved: "2014-05-07T00:00:00",
      dateUpdated: "2024-08-06T10:43:05.197Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2014-3308 (GCVE-0-2014-3308)
Vulnerability from cvelistv5
Published
2014-07-07 10:00
Modified
2024-08-06 10:35
Severity ?
Summary
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=34843x_refsource_CONFIRM
http://www.securityfocus.com/bid/68351vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1030525vdb-entry, x_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308vendor-advisory, x_refsource_CISCO
http://secunia.com/advisories/58869third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T10:35:57.172Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34843",
               },
               {
                  name: "68351",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/68351",
               },
               {
                  name: "1030525",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1030525",
               },
               {
                  name: "20140703 Cisco IOS XR Software Punt Policer Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308",
               },
               {
                  name: "58869",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/58869",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2014-07-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-05T14:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34843",
            },
            {
               name: "68351",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/68351",
            },
            {
               name: "1030525",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1030525",
            },
            {
               name: "20140703 Cisco IOS XR Software Punt Policer Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308",
            },
            {
               name: "58869",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/58869",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2014-3308",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34843",
                     refsource: "CONFIRM",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34843",
                  },
                  {
                     name: "68351",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/68351",
                  },
                  {
                     name: "1030525",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1030525",
                  },
                  {
                     name: "20140703 Cisco IOS XR Software Punt Policer Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308",
                  },
                  {
                     name: "58869",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/58869",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2014-3308",
      datePublished: "2014-07-07T10:00:00",
      dateReserved: "2014-05-07T00:00:00",
      dateUpdated: "2024-08-06T10:35:57.172Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2018-0167 (GCVE-0-2018-0167)
Vulnerability from cvelistv5
Published
2018-03-28 22:00
Modified
2024-11-13 18:24
Severity ?
Summary
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpx_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03x_refsource_MISC
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04x_refsource_MISC
http://www.securitytracker.com/id/1040586vdb-entry, x_refsource_SECTRACK
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05x_refsource_MISC
http://www.securityfocus.com/bid/103564vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a Cisco IOS, IOS XE, and IOS XR Version: Cisco IOS, IOS XE, and IOS XR
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T03:14:16.810Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
               },
               {
                  name: "1040586",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1040586",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
               },
               {
                  name: "103564",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/103564",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2018-0167",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-08T17:25:01.571442Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2022-03-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2018-0167",
                     },
                     type: "kev",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T18:24:23.697Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS, IOS XE, and IOS XR",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Cisco IOS, IOS XE, and IOS XR",
                  },
               ],
            },
         ],
         datePublic: "2018-03-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-119",
                     description: "CWE-119",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-04-19T14:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
            },
            {
               name: "1040586",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1040586",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
            },
            {
               name: "103564",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/103564",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2018-0167",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS, IOS XE, and IOS XR",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Cisco IOS, IOS XE, and IOS XR",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-119",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp",
                     refsource: "CONFIRM",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp",
                  },
                  {
                     name: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03",
                     refsource: "MISC",
                     url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03",
                  },
                  {
                     name: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
                     refsource: "MISC",
                     url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
                  },
                  {
                     name: "1040586",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1040586",
                  },
                  {
                     name: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
                     refsource: "MISC",
                     url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
                  },
                  {
                     name: "103564",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/103564",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2018-0167",
      datePublished: "2018-03-28T22:00:00",
      dateReserved: "2017-11-27T00:00:00",
      dateUpdated: "2024-11-13T18:24:23.697Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2015-0672 (GCVE-0-2015-0672)
Vulnerability from cvelistv5
Published
2015-03-26 10:00
Modified
2024-08-06 04:17
Severity ?
Summary
The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=38006vendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1031970vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T04:17:32.508Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20150324 Cisco IOS XR Software DHCPv4 Server Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38006",
               },
               {
                  name: "1031970",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1031970",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-03-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2015-03-27T12:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20150324 Cisco IOS XR Software DHCPv4 Server Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38006",
            },
            {
               name: "1031970",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1031970",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-0672",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20150324 Cisco IOS XR Software DHCPv4 Server Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38006",
                  },
                  {
                     name: "1031970",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1031970",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-0672",
      datePublished: "2015-03-26T10:00:00",
      dateReserved: "2015-01-07T00:00:00",
      dateUpdated: "2024-08-06T04:17:32.508Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2022-20919 (GCVE-0-2022-20919)
Vulnerability from cvelistv5
Published
2022-09-30 18:46
Modified
2024-11-01 18:50
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-03T02:31:57.396Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20220928 Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2022-20919",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-01T18:43:50.327091Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-01T18:50:12.263Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2022-09-28T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-248",
                     description: "CWE-248",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2022-09-30T18:46:37",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20220928 Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxe-cip-dos-9rTbKLt9",
            defect: [
               [
                  "CSCwa96810",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2022-09-28T23:00:00",
               ID: "CVE-2022-20919",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-248",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20220928 Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-iosxe-cip-dos-9rTbKLt9",
               defect: [
                  [
                     "CSCwa96810",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2022-20919",
      datePublished: "2022-09-30T18:46:37.481110Z",
      dateReserved: "2021-11-02T00:00:00",
      dateUpdated: "2024-11-01T18:50:12.263Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2019-16023 (GCVE-0-2019-16023)
Vulnerability from cvelistv5
Published
2020-09-23 00:26
Modified
2024-11-13 18:04
Severity ?
8.6 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T01:03:32.611Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2019-16023",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-13T17:12:59.183412Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-13T18:04:48.535Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2020-01-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-399",
                     description: "CWE-399",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-09-23T00:26:22",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
            },
         ],
         source: {
            advisory: "cisco-sa-20200122-ios-xr-evpn",
            defect: [
               [
                  "CSCvr74413",
                  "CSCvr74986",
                  "CSCvr80793",
                  "CSCvr83742",
                  "CSCvr84254",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2020-01-22T16:00:00",
               ID: "CVE-2019-16023",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-399",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20200122 Cisco IOS XR Software BGP EVPN Denial of Service Vulnerabilities",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-20200122-ios-xr-evpn",
               defect: [
                  [
                     "CSCvr74413",
                     "CSCvr74986",
                     "CSCvr80793",
                     "CSCvr83742",
                     "CSCvr84254",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2019-16023",
      datePublished: "2020-09-23T00:26:22.854791Z",
      dateReserved: "2019-09-06T00:00:00",
      dateUpdated: "2024-11-13T18:04:48.535Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2023-20236 (GCVE-0-2023-20236)
Vulnerability from cvelistv5
Published
2023-09-13 16:39
Modified
2024-10-23 19:10
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: 5.2.0
Version: 5.2.1
Version: 5.2.2
Version: 5.2.4
Version: 5.2.3
Version: 5.2.5
Version: 5.2.47
Version: 5.3.0
Version: 5.3.1
Version: 5.3.2
Version: 5.3.3
Version: 5.3.4
Version: 6.0.0
Version: 6.0.1
Version: 6.0.2
Version: 6.1.1
Version: 6.1.2
Version: 6.1.3
Version: 6.1.4
Version: 6.1.12
Version: 6.1.22
Version: 6.1.32
Version: 6.1.36
Version: 6.1.42
Version: 6.2.1
Version: 6.2.2
Version: 6.2.3
Version: 6.2.25
Version: 6.2.11
Version: 6.3.2
Version: 6.3.3
Version: 6.3.15
Version: 6.4.1
Version: 6.4.2
Version: 6.4.3
Version: 6.5.1
Version: 6.5.2
Version: 6.5.3
Version: 6.5.25
Version: 6.5.26
Version: 6.5.28
Version: 6.5.29
Version: 6.5.32
Version: 6.5.33
Version: 6.6.2
Version: 6.6.3
Version: 6.6.25
Version: 6.6.4
Version: 7.0.1
Version: 7.0.2
Version: 7.0.12
Version: 7.0.14
Version: 7.1.1
Version: 7.1.15
Version: 7.1.2
Version: 7.1.3
Version: 6.7.1
Version: 6.7.2
Version: 6.7.3
Version: 6.7.4
Version: 7.2.0
Version: 7.2.1
Version: 7.2.2
Version: 7.3.1
Version: 7.3.15
Version: 7.3.2
Version: 7.3.3
Version: 7.3.5
Version: 7.4.1
Version: 7.4.2
Version: 6.8.1
Version: 6.8.2
Version: 7.5.1
Version: 7.5.3
Version: 7.5.2
Version: 7.5.4
Version: 7.6.1
Version: 7.6.2
Version: 7.7.1
Version: 7.7.2
Version: 7.7.21
Version: 6.9.1
Version: 6.9.2
Version: 7.8.1
Version: 7.8.2
Version: 7.9.1
Version: 7.9.2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T09:05:35.905Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
               },
            ],
            title: "CVE Program Container",
         },
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:o:cisco:ios_xr_software:*:*:*:*:*:*:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "ios_xr_software",
                  vendor: "cisco",
                  versions: [
                     {
                        lessThanOrEqual: "7.9.2",
                        status: "affected",
                        version: "0",
                        versionType: "custom",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2023-20236",
                        options: [
                           {
                              Exploitation: "None",
                           },
                           {
                              Automatable: "No",
                           },
                           {
                              "Technical Impact": "Total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2023-11-15T16:36:16.200980Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-10-23T19:10:48.388Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "5.2.0",
                  },
                  {
                     status: "affected",
                     version: "5.2.1",
                  },
                  {
                     status: "affected",
                     version: "5.2.2",
                  },
                  {
                     status: "affected",
                     version: "5.2.4",
                  },
                  {
                     status: "affected",
                     version: "5.2.3",
                  },
                  {
                     status: "affected",
                     version: "5.2.5",
                  },
                  {
                     status: "affected",
                     version: "5.2.47",
                  },
                  {
                     status: "affected",
                     version: "5.3.0",
                  },
                  {
                     status: "affected",
                     version: "5.3.1",
                  },
                  {
                     status: "affected",
                     version: "5.3.2",
                  },
                  {
                     status: "affected",
                     version: "5.3.3",
                  },
                  {
                     status: "affected",
                     version: "5.3.4",
                  },
                  {
                     status: "affected",
                     version: "6.0.0",
                  },
                  {
                     status: "affected",
                     version: "6.0.1",
                  },
                  {
                     status: "affected",
                     version: "6.0.2",
                  },
                  {
                     status: "affected",
                     version: "6.1.1",
                  },
                  {
                     status: "affected",
                     version: "6.1.2",
                  },
                  {
                     status: "affected",
                     version: "6.1.3",
                  },
                  {
                     status: "affected",
                     version: "6.1.4",
                  },
                  {
                     status: "affected",
                     version: "6.1.12",
                  },
                  {
                     status: "affected",
                     version: "6.1.22",
                  },
                  {
                     status: "affected",
                     version: "6.1.32",
                  },
                  {
                     status: "affected",
                     version: "6.1.36",
                  },
                  {
                     status: "affected",
                     version: "6.1.42",
                  },
                  {
                     status: "affected",
                     version: "6.2.1",
                  },
                  {
                     status: "affected",
                     version: "6.2.2",
                  },
                  {
                     status: "affected",
                     version: "6.2.3",
                  },
                  {
                     status: "affected",
                     version: "6.2.25",
                  },
                  {
                     status: "affected",
                     version: "6.2.11",
                  },
                  {
                     status: "affected",
                     version: "6.3.2",
                  },
                  {
                     status: "affected",
                     version: "6.3.3",
                  },
                  {
                     status: "affected",
                     version: "6.3.15",
                  },
                  {
                     status: "affected",
                     version: "6.4.1",
                  },
                  {
                     status: "affected",
                     version: "6.4.2",
                  },
                  {
                     status: "affected",
                     version: "6.4.3",
                  },
                  {
                     status: "affected",
                     version: "6.5.1",
                  },
                  {
                     status: "affected",
                     version: "6.5.2",
                  },
                  {
                     status: "affected",
                     version: "6.5.3",
                  },
                  {
                     status: "affected",
                     version: "6.5.25",
                  },
                  {
                     status: "affected",
                     version: "6.5.26",
                  },
                  {
                     status: "affected",
                     version: "6.5.28",
                  },
                  {
                     status: "affected",
                     version: "6.5.29",
                  },
                  {
                     status: "affected",
                     version: "6.5.32",
                  },
                  {
                     status: "affected",
                     version: "6.5.33",
                  },
                  {
                     status: "affected",
                     version: "6.6.2",
                  },
                  {
                     status: "affected",
                     version: "6.6.3",
                  },
                  {
                     status: "affected",
                     version: "6.6.25",
                  },
                  {
                     status: "affected",
                     version: "6.6.4",
                  },
                  {
                     status: "affected",
                     version: "7.0.1",
                  },
                  {
                     status: "affected",
                     version: "7.0.2",
                  },
                  {
                     status: "affected",
                     version: "7.0.12",
                  },
                  {
                     status: "affected",
                     version: "7.0.14",
                  },
                  {
                     status: "affected",
                     version: "7.1.1",
                  },
                  {
                     status: "affected",
                     version: "7.1.15",
                  },
                  {
                     status: "affected",
                     version: "7.1.2",
                  },
                  {
                     status: "affected",
                     version: "7.1.3",
                  },
                  {
                     status: "affected",
                     version: "6.7.1",
                  },
                  {
                     status: "affected",
                     version: "6.7.2",
                  },
                  {
                     status: "affected",
                     version: "6.7.3",
                  },
                  {
                     status: "affected",
                     version: "6.7.4",
                  },
                  {
                     status: "affected",
                     version: "7.2.0",
                  },
                  {
                     status: "affected",
                     version: "7.2.1",
                  },
                  {
                     status: "affected",
                     version: "7.2.2",
                  },
                  {
                     status: "affected",
                     version: "7.3.1",
                  },
                  {
                     status: "affected",
                     version: "7.3.15",
                  },
                  {
                     status: "affected",
                     version: "7.3.2",
                  },
                  {
                     status: "affected",
                     version: "7.3.3",
                  },
                  {
                     status: "affected",
                     version: "7.3.5",
                  },
                  {
                     status: "affected",
                     version: "7.4.1",
                  },
                  {
                     status: "affected",
                     version: "7.4.2",
                  },
                  {
                     status: "affected",
                     version: "6.8.1",
                  },
                  {
                     status: "affected",
                     version: "6.8.2",
                  },
                  {
                     status: "affected",
                     version: "7.5.1",
                  },
                  {
                     status: "affected",
                     version: "7.5.3",
                  },
                  {
                     status: "affected",
                     version: "7.5.2",
                  },
                  {
                     status: "affected",
                     version: "7.5.4",
                  },
                  {
                     status: "affected",
                     version: "7.6.1",
                  },
                  {
                     status: "affected",
                     version: "7.6.2",
                  },
                  {
                     status: "affected",
                     version: "7.7.1",
                  },
                  {
                     status: "affected",
                     version: "7.7.2",
                  },
                  {
                     status: "affected",
                     version: "7.7.21",
                  },
                  {
                     status: "affected",
                     version: "6.9.1",
                  },
                  {
                     status: "affected",
                     version: "6.9.2",
                  },
                  {
                     status: "affected",
                     version: "7.8.1",
                  },
                  {
                     status: "affected",
                     version: "7.8.2",
                  },
                  {
                     status: "affected",
                     version: "7.9.1",
                  },
                  {
                     status: "affected",
                     version: "7.9.2",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\r\n\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "HIGH",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               format: "cvssV3_1",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-347",
                     description: "Improper Verification of Cryptographic Signature",
                     lang: "en",
                     type: "cwe",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-08-07T19:50:10.951Z",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
               url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
            },
         ],
         source: {
            advisory: "cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
            defects: [
               "CSCvz63925",
               "CSCvz63918",
               "CSCwe12502",
               "CSCvz63929",
               "CSCwi31568",
               "CSCwh78724",
               "CSCwi26526",
               "CSCwh70601",
               "CSCwh78727",
               "CSCwj83430",
               "CSCwj88475",
            ],
            discovery: "INTERNAL",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2023-20236",
      datePublished: "2023-09-13T16:39:19.418Z",
      dateReserved: "2022-10-27T18:47:50.370Z",
      dateUpdated: "2024-10-23T19:10:48.388Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

CVE-2021-34720 (GCVE-0-2021-34720)
Vulnerability from cvelistv5
Published
2021-09-09 05:01
Modified
2024-11-07 22:00
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpPvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Cisco Cisco IOS XR Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T00:19:48.088Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "20210908 Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2021-34720",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "yes",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-11-07T21:54:22.268217Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-11-07T22:00:49.116Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Cisco IOS XR Software",
               vendor: "Cisco",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2021-09-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.",
            },
         ],
         exploits: [
            {
               lang: "en",
               value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "LOW",
                  attackVector: "NETWORK",
                  availabilityImpact: "HIGH",
                  baseScore: 8.6,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "NONE",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-771",
                     description: "CWE-771",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-09-09T05:01:03",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "20210908 Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP",
            },
         ],
         source: {
            advisory: "cisco-sa-ipsla-ZA3SRrpP",
            defect: [
               [
                  "CSCvw32825",
                  "CSCvw61840",
               ],
            ],
            discovery: "INTERNAL",
         },
         title: "Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               DATE_PUBLIC: "2021-09-08T16:00:00",
               ID: "CVE-2021-34720",
               STATE: "PUBLIC",
               TITLE: "Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Cisco IOS XR Software",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Cisco",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.",
                  },
               ],
            },
            exploit: [
               {
                  lang: "en",
                  value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.",
               },
            ],
            impact: {
               cvss: {
                  baseScore: "8.6",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-771",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "20210908 Cisco IOS XR Software IP Service Level Agreements  and Two-Way Active Measurement Protocol Denial of Service Vulnerability",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP",
                  },
               ],
            },
            source: {
               advisory: "cisco-sa-ipsla-ZA3SRrpP",
               defect: [
                  [
                     "CSCvw32825",
                     "CSCvw61840",
                  ],
               ],
               discovery: "INTERNAL",
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2021-34720",
      datePublished: "2021-09-09T05:01:03.855610Z",
      dateReserved: "2021-06-15T00:00:00",
      dateUpdated: "2024-11-07T22:00:49.116Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado con una cuenta de bajo privilegio elevar los privilegios en un dispositivo afectado. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Details de este aviso",
      },
   ],
   id: "CVE-2021-34728",
   lastModified: "2024-11-21T06:11:03.867",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:11.870",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 17.9.1
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco asr-920-10sz-pd -
cisco asr-920-12cz-a -
cisco asr-920-12cz-d -
cisco asr-920-12sz-a -
cisco asr-920-12sz-d -
cisco asr-920-12sz-im -
cisco asr-920-12sz-im-cc -
cisco asr-920-20sz-m -
cisco asr-920-24sz-im -
cisco asr-920-24sz-m -
cisco asr-920-24tz-im -
cisco asr-920-24tz-m -
cisco asr-920-4sz-a -
cisco asr-920-4sz-d -
cisco asr-9901-rp -
cisco asr_1000-esp100 -
cisco asr_1000-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1002_fixed_router -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_1023_router -
cisco asr_5000 -
cisco asr_5500 -
cisco asr_5700 -
cisco asr_900 -
cisco asr_900_ -
cisco asr_900_route_switch_processor_2_\(rsp2\) -
cisco asr_900_route_switch_processor_3_\(rsp3\) -
cisco asr_9000 -
cisco asr_9000 -
cisco asr_9000 -
cisco asr_9000_rsp440_router -
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-10sz-pd_router -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-a_router -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12cz-d_router -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-12sz-im_router -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-im_router -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24sz-m_router -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-24tz-m_router -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-a_router -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920-4sz-d_router -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco asr_9922 -
cisco asr1000-2t\+20x1ge -
cisco asr1000-6tge -
cisco asr1000-esp200 -
cisco asr1000-mip100 -
cisco asr1000-rp3 -
cisco asr1001-hx -
cisco asr1001-hx-rf -
cisco asr1001-x -
cisco asr1001-x-rf -
cisco asr1001-x-ws -
cisco asr1002-hx -
cisco asr1002-hx-rf -
cisco asr1002-hx-ws -
cisco asr1002-x -
cisco asr1002-x-rf -
cisco asr1002-x-ws -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9100 -
cisco catalyst_9105 -
cisco catalyst_9105axi -
cisco catalyst_9105axw -
cisco catalyst_9115 -
cisco catalyst_9115_ap -
cisco catalyst_9115axe -
cisco catalyst_9115axi -
cisco catalyst_9117 -
cisco catalyst_9117_ap -
cisco catalyst_9117axi -
cisco catalyst_9120 -
cisco catalyst_9120_ap -
cisco catalyst_9120axe -
cisco catalyst_9120axi -
cisco catalyst_9120axp -
cisco catalyst_9124 -
cisco catalyst_9124axd -
cisco catalyst_9124axi -
cisco catalyst_9130 -
cisco catalyst_9130_ap -
cisco catalyst_9130axe -
cisco catalyst_9130axi -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200 -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300 -
cisco catalyst_ie3300_rugged_switch -
cisco catalyst_ie3400 -
cisco catalyst_ie3400_heavy_duty_switch -
cisco catalyst_ie3400_rugged_switch -
cisco catalyst_ie9300 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B0C2129-8149-4362-827C-A5494C9D398B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4856E07-B3C2-4674-9584-866F6AF643B2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0547E196-5991-4C33-823A-342542E9DFD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82225D40-537F-41D2-B1C4-1B7D06466B06",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8B60888-6E2B-494E-AC65-83337661EE7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "11B83BED-5A49-4CF0-9827-AA291D01F60E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C1E8937-51D9-43E6-876E-5D39AD3D32C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CA7AE63-99B9-4F28-8670-639A9B31E494",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E858B4AB-49B1-4F1C-8722-6E6911194924",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D9ECE39-C111-412B-AF56-9B7435D98FE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "577D1BF2-5180-4301-941C-3C0ADDD23AA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-20sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60DFE60A-34C5-42C3-B539-57AAA9D4F684",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1B25F27-6527-46F8-9C1A-4B4F79F3E6C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FE70CCD-6062-45D8-8566-7C9E237E030F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA3A897-ED4E-417F-BA6C-C1A825A210F6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "375F9E12-A61B-4FD3-AE07-D4E686EB112A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D724F932-4548-429D-8CAA-E82C3435A194",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-9901-rp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE36709F-DCF2-428F-8746-9C5096182E87",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE2182E7-C813-4966-A36C-E648A9344299",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7C321E-F083-4AB6-96A0-D6358980441E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33208B25-0CBB-4E31-A892-60B7B5625155",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4376E56-A21C-4642-A85D-439C8E21CD7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "444F688F-79D0-4F22-B530-7BD520080B8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51F2A755-556C-4C5E-8622-96D124319AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7428E0A8-1641-47FB-9CA9-34311DEF660D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "854D9594-FE84-4E7B-BA21-A3287F2DC302",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C81CC6E3-B989-4730-820E-46734E3E608D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1023_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "399C03D1-C4B2-4DE6-9772-EC0BD88D7FCF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "746254AC-B039-432C-AA5C-A82260E57AD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "301681DF-2A9E-4A91-9918-4A46153ADC01",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9EF0299-16A7-446D-855D-BFF91EE65534",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900_:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15A2D364-18BE-49BC-8473-FC33D37AFCC8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900_route_switch_processor_2_\\(rsp2\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "406D120B-23C7-4B84-B976-066F933BBD1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900_route_switch_processor_3_\\(rsp3\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E19687EA-78E0-4E1C-A6B3-C1074FEA8CE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A15B6B59-E90B-43A8-B4E7-3718FE6990AE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A580194-1B06-4D71-B618-345046DBA9C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E673A75F-EFF8-4591-8E0F-A21083563DBA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "515CD97F-DDBD-4F75-A6DB-646890A30B32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E181FC9-6790-4C12-874F-67252B6879BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE063AF2-5579-4D7E-8829-9102FC7CB994",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4A46-10D3-48F8-9E92-377ACA447257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBE110B5-CC6E-4103-9983-4195BCC28165",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B97DDC45-ABD1-4C8F-A249-0865345637A4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D8A748B-DDA9-4F0B-9AAA-F9A62BBC3DCB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FE4D129-435B-45DD-838D-4017BD94DF93",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "456C68A8-F3C8-4302-B55A-134979B42045",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F681230-2530-4ED9-85E9-FE7A57FCF2F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C6733C-F77B-4688-B051-C1557F4D8D41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E3D23C1-FE0E-4D33-9E89-07A4135E1360",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BD45D77-4097-4AFB-98DF-5B8188316C20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E598123-4AF8-44F6-BE87-9F62007FF658",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31608C12-FBED-4EAD-96EC-48BC4B356B77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC28F05-20D0-4518-93FF-F254BA81E4B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D989205A-0576-415C-935E-E83AD42FD1CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D2BCA1C7-5642-4A2B-9E61-B141E70E098A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C3EB40-574A-48F7-A679-90F62ED976B5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6CC6206-DF19-4636-84C2-8912E443D122",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C27ED272-FCA6-4002-93E1-EF0B89C84572",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85489F69-EAF0-4971-8C93-36838A8AA00E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAD184DD-8774-4C18-BE53-BC6B133B01C8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22F587F6-876D-4AE4-B6BD-ED50D47F5361",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA179D79-07E7-4721-85BB-0C740B516B1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "9FF5102C-3163-48F1-8D44-352D6715288D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "7FA1F27F-3265-482D-AD31-BCB300419526",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "6D1A5E2E-1CF6-4E3D-A474-9AA26758E574",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "3AE8FA9B-C71B-42AE-94B2-580F505BC17F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "77D24BB4-6357-4BFC-A4CB-B33ECDEB3BEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B1F849A-05BA-4CA2-96AA-F8DFD5E725A5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB060D83-2924-4D1D-9FEE-F8087FA8976D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CF4D0E5-FF09-4919-B603-B42DB535386C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22C36989-4353-4B81-8B0F-FC6322C1C179",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C24227E-9FF6-4757-A342-958CA4B8BF63",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-hx-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E529335-18D1-4CEC-A8D5-CC1CA33D64F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3072DEFA-61D6-413F-97FD-F64C0E90155C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-x-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9FBFB5C-347B-4F73-93BE-4D3137D8F93A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-x-ws:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F040372-CDAD-4AC4-9B7C-BFF9658B6BF2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C33862F1-652A-4F60-BD3E-A6B3733E56A9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-hx-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "130205FD-CA31-4E49-B8C4-181840270C70",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-hx-ws:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "908A56D8-64AF-4813-9D4D-C429C0603A31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03A2AA1C-7568-4BB6-BBD3-8E03D32CDA1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-x-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "53DAF422-7E0B-44EB-AD8D-4643A9711739",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-x-ws:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F7F661E-335C-4123-9363-E2E5D51846C1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "005F5347-A5E6-4954-ACAB-E4DF29119724",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "882B8D8F-E154-45C3-BB47-5353167C9776",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E87F823-D924-4718-AD81-248A6C619531",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E45BCCD0-65BB-431F-B448-221C1595CD92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F33BA722-0680-4074-8D03-41657F8CDCC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "295C46B4-5E9F-4DD8-861B-00BA43923306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F840171D-CA1C-4E25-BD41-6B871C47BB84",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B240B20-CF48-4A72-9653-9D04D59C1391",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74CCD143-3D6E-4880-B275-ECF5B04238C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D58FF034-8E07-4518-A858-5F16F22217E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "376AD386-373D-4B24-966F-D11F76C9020F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0C1174-C789-4547-9899-F7FCD0905F92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC366801-655A-403B-ACD9-3BB43802A3C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47E4D5A8-7E4A-44C5-81DC-84712781206D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B13D6D50-D0FA-4527-BED3-52560DDD5253",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "965BF315-D833-4711-97FC-512151113367",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04072C0F-78A2-4D10-87B2-52DC2537BA89",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD262F58-C47F-439E-A9FF-D1C60120D306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE9EABE0-5FB0-4277-A389-87732E750B7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B207857B-C483-47DF-9FC7-6A05B866BF60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04AB61E9-0148-495E-BD21-64D52DE60A6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85D2C587-E95B-4E74-88CF-5930072258D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74270062-2030-45A0-9C93-C1F3B7C88E8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F403859-F034-4DD9-9CA5-708EADECB380",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "749040C6-A21A-4EF3-8213-42EE01CFA303",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F050F416-44C3-474C-9002-321A33F288D6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A699C5C-CD03-4263-952F-5074B470F20E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "46D41CFE-784B-40EE-9431-8097428E5892",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D148A27-85B6-4883-96B5-343C8D32F23B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "735CA950-672C-4787-8910-48AD07868FDE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11EF240-7599-4138-B7A7-17E4479F5B83",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "248A3FFC-C33C-4336-A37C-67B6046556E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "169E5354-07EA-4639-AB4B-20D2B9DE784C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0972076B-5C87-44B3-90EC-4C200B89318A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74AED057-2458-4DE0-8D51-ABD766D07F68",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19538C03-5FB8-4401-8B21-489C629D7E7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B26D7061-F471-4DF0-A892-ED132958B84A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "033ED443-80E7-4012-9825-07AAC0D44B96",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD3F3CC6-A349-47B1-B282-B6458683C191",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "21AFDC0D-7629-424E-827B-C8A8767324C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A263CFF2-A659-405B-90EA-51E49B25C6D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CEFBD449-217D-4569-99F7-D56B853A3E07",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED668FC-D1A5-4175-A234-23760BA6E788",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D650C48-9241-42F7-87A9-20733329489A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82D345E7-8208-41AC-B11A-4425D29E98A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E386D461-F1C1-4970-B056-D6119E74D449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "226F985C-4669-4D0A-9DB4-CB1465B37B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B736A43-6F4E-40A9-84E4-D9E251489234",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E99CA124-7D86-463B-A31E-A7836B7493E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E014B028-8DD9-428C-B705-8F428F145932",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5306E847-C718-4C83-9C97-8AB498DC4A88",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18287CEF-B574-4498-A256-567CA6E6CA7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5713043E-2535-4540-B3EF-41FAC40BECE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67701D77-8B03-446A-AE22-4B8CCCD6F029",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "831A2390-7170-4FC0-A95E-3DAB1791017D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "493989DC-8F1B-45C9-AD11-38B97B958C9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F168FB20-0C44-4A5B-910A-04B9517545C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "737F22AB-C5A9-4A18-BA3D-38A222491397",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5508320-8318-41A8-8026-4A61907C1CD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "176ACF88-6112-4179-8492-50C50577B300",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D07FC868-0B38-4F24-BA40-87966FF80AB7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA59279-3504-417D-9E86-E5886EE198BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B0E620C-8E09-4F7C-A326-26013173B993",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EACA55A5-4E73-4187-96BE-08E04F2C7659",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "86879AC0-890E-42F4-9561-6851F38FE0AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el procesamiento de paquetes malformados del Protocolo Industrial Común (CIP) que se envían al software Cisco IOS y al software Cisco IOS XE podría permitir a un atacante remoto no autenticado causar una recarga no esperada del dispositivo afectado, lo que provocaría una condición de denegación de servicio (DoS). Esta vulnerabilidad es debido a que no es comprobado suficientemente la entrada durante el procesamiento de los paquetes CIP. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete CIP malformado a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar al dispositivo afectado recargarse inesperadamente, resultando en una condición de DoS",
      },
   ],
   id: "CVE-2022-20919",
   lastModified: "2024-11-21T06:43:48.977",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-09-30T19:15:13.417",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-248",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-755",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim&rsquo;s BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim&rsquo;s BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad Border Gateway Protocol (BGP) en Cisco IOS XR Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). La vulnerabilidad es debido al procesamiento incorrecto de un mensaje de actualización BGP que contiene un atributo BGP específico. Un atacante podría explotar esta vulnerabilidad mediante el envío de mensajes de actualización de BGP que incluyan un atributo específico con malformación para que un sistema afectado lo procese. Una explotación con éxito podría permitir al atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condición DoS. La implementación de Cisco de BGP acepta el tráfico de BGP entrante solo desde peers definidos explícitamente. Para explotar esta vulnerabilidad, el mensaje de actualización de BGP malicioso necesitaría venir de un peer BGP válido y configurado o el atacante debería inyectarlo en la red BGP victim’s en una conexión TCP válida existente a un peer BGP.",
      },
   ],
   id: "CVE-2019-15989",
   lastModified: "2024-11-21T04:29:52.940",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-26T05:15:13.567",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-754",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-754",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPkVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPkVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 17.6.3
cisco ios_xe 17.11.1
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200 -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300 -
cisco catalyst_ie3300_rugged_switch -
cisco catalyst_ie3400 -
cisco catalyst_ie3400_heavy_duty_switch -
cisco catalyst_ie3400_rugged_switch -
cisco catalyst_ie9300 -
cisco cbr-8 -
cisco cg418-e -
cisco cg522-e -
cisco esr6300 -
cisco ess-3300-24t-con-a -
cisco ess-3300-24t-con-e -
cisco ess-3300-24t-ncp-a -
cisco ess-3300-24t-ncp-e -
cisco ess-3300-con-a -
cisco ess-3300-con-e -
cisco ess-3300-ncp-a -
cisco ess-3300-ncp-e -
cisco ess9300-10x-e -
cisco integrated_services_virtual_router -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B78942C-BEE1-4D18-9075-8E1D991BF621",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "F313F2EC-F3D6-4639-934C-402DDA3DA806",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4856E07-B3C2-4674-9584-866F6AF643B2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0547E196-5991-4C33-823A-342542E9DFD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82225D40-537F-41D2-B1C4-1B7D06466B06",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8B60888-6E2B-494E-AC65-83337661EE7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE2514A1-486C-40F7-8746-56E2B973CBE6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2C3816C-95F4-443C-9C79-72F0251528F4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "542244A0-300C-4630-812A-BF45F61E38DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91209C16-A620-44A0-9134-8AA456343F29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "917B52DF-4210-4DD6-97EF-8A033497A954",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7C321E-F083-4AB6-96A0-D6358980441E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33208B25-0CBB-4E31-A892-60B7B5625155",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4376E56-A21C-4642-A85D-439C8E21CD7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "444F688F-79D0-4F22-B530-7BD520080B8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51F2A755-556C-4C5E-8622-96D124319AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7428E0A8-1641-47FB-9CA9-34311DEF660D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "854D9594-FE84-4E7B-BA21-A3287F2DC302",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C81CC6E3-B989-4730-820E-46734E3E608D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E673A75F-EFF8-4591-8E0F-A21083563DBA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "515CD97F-DDBD-4F75-A6DB-646890A30B32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E181FC9-6790-4C12-874F-67252B6879BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE063AF2-5579-4D7E-8829-9102FC7CB994",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4A46-10D3-48F8-9E92-377ACA447257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBE110B5-CC6E-4103-9983-4195BCC28165",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B97DDC45-ABD1-4C8F-A249-0865345637A4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FE4D129-435B-45DD-838D-4017BD94DF93",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "456C68A8-F3C8-4302-B55A-134979B42045",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C6733C-F77B-4688-B051-C1557F4D8D41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BD45D77-4097-4AFB-98DF-5B8188316C20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31608C12-FBED-4EAD-96EC-48BC4B356B77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D989205A-0576-415C-935E-E83AD42FD1CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C3EB40-574A-48F7-A679-90F62ED976B5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6CC6206-DF19-4636-84C2-8912E443D122",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85489F69-EAF0-4971-8C93-36838A8AA00E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA179D79-07E7-4721-85BB-0C740B516B1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "005F5347-A5E6-4954-ACAB-E4DF29119724",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "882B8D8F-E154-45C3-BB47-5353167C9776",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E87F823-D924-4718-AD81-248A6C619531",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E45BCCD0-65BB-431F-B448-221C1595CD92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F33BA722-0680-4074-8D03-41657F8CDCC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "295C46B4-5E9F-4DD8-861B-00BA43923306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F840171D-CA1C-4E25-BD41-6B871C47BB84",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B240B20-CF48-4A72-9653-9D04D59C1391",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74CCD143-3D6E-4880-B275-ECF5B04238C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D58FF034-8E07-4518-A858-5F16F22217E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "376AD386-373D-4B24-966F-D11F76C9020F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0C1174-C789-4547-9899-F7FCD0905F92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC366801-655A-403B-ACD9-3BB43802A3C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47E4D5A8-7E4A-44C5-81DC-84712781206D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B13D6D50-D0FA-4527-BED3-52560DDD5253",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "965BF315-D833-4711-97FC-512151113367",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04072C0F-78A2-4D10-87B2-52DC2537BA89",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD262F58-C47F-439E-A9FF-D1C60120D306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE9EABE0-5FB0-4277-A389-87732E750B7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B207857B-C483-47DF-9FC7-6A05B866BF60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04AB61E9-0148-495E-BD21-64D52DE60A6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85D2C587-E95B-4E74-88CF-5930072258D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74270062-2030-45A0-9C93-C1F3B7C88E8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F403859-F034-4DD9-9CA5-708EADECB380",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0972076B-5C87-44B3-90EC-4C200B89318A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74AED057-2458-4DE0-8D51-ABD766D07F68",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19538C03-5FB8-4401-8B21-489C629D7E7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B26D7061-F471-4DF0-A892-ED132958B84A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "033ED443-80E7-4012-9825-07AAC0D44B96",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD3F3CC6-A349-47B1-B282-B6458683C191",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "21AFDC0D-7629-424E-827B-C8A8767324C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A263CFF2-A659-405B-90EA-51E49B25C6D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CEFBD449-217D-4569-99F7-D56B853A3E07",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED668FC-D1A5-4175-A234-23760BA6E788",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D650C48-9241-42F7-87A9-20733329489A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82D345E7-8208-41AC-B11A-4425D29E98A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E386D461-F1C1-4970-B056-D6119E74D449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "226F985C-4669-4D0A-9DB4-CB1465B37B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B736A43-6F4E-40A9-84E4-D9E251489234",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E99CA124-7D86-463B-A31E-A7836B7493E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E014B028-8DD9-428C-B705-8F428F145932",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5306E847-C718-4C83-9C97-8AB498DC4A88",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18287CEF-B574-4498-A256-567CA6E6CA7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5713043E-2535-4540-B3EF-41FAC40BECE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67701D77-8B03-446A-AE22-4B8CCCD6F029",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "831A2390-7170-4FC0-A95E-3DAB1791017D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "493989DC-8F1B-45C9-AD11-38B97B958C9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F168FB20-0C44-4A5B-910A-04B9517545C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "737F22AB-C5A9-4A18-BA3D-38A222491397",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5508320-8318-41A8-8026-4A61907C1CD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "176ACF88-6112-4179-8492-50C50577B300",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D07FC868-0B38-4F24-BA40-87966FF80AB7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA59279-3504-417D-9E86-E5886EE198BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B0E620C-8E09-4F7C-A326-26013173B993",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EACA55A5-4E73-4187-96BE-08E04F2C7659",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "86879AC0-890E-42F4-9561-6851F38FE0AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:cbr-8:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB77D0EC-A448-4D97-8EB0-EA4956549A52",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:cg418-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C054973-91D8-439F-960F-02BF12A50632",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:cg522-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79252E00-2D94-44AA-8601-E4AB4EA38A76",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44D19136-4ECB-437F-BA8A-E2FE35A39BF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-con-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4C98B90-69B3-4BDF-A569-4C102498BFAD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-con-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7646B0A1-FDF5-4A60-A451-E84CE355302E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-ncp-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA889066-14A8-4D88-9EFF-582FE1E65108",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-ncp-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0C09AE-CD2A-486A-82D4-2F26AA6B6B95",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-con-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BEF81CC0-AEED-42DE-B423-8F4E118680BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-con-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDAAFDF1-7A3C-475F-AE82-B3194939D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-ncp-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9566FC8C-0357-4780-976F-8A68E6A7D24A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-ncp-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "07503D21-965B-49F0-B8F2-B5ECD656F277",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess9300-10x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "880B8176-B30D-443E-B5F1-1769B65978C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5361C70A-C036-4254-9698-BC58F48C465B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. \r\n\r This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.",
      },
   ],
   id: "CVE-2023-20065",
   lastModified: "2024-11-21T07:40:28.227",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-03-23T17:15:14.393",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-284",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-06-23 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=39455Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/75352Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1032691Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=39455Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75352Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032691Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr 5.3.1
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "17A89483-1BC3-4F23-AEAC-C26E7E211CCE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR 5.3.1 en los dispositivos ASR 9000 permite a atacantes remotos causar una denegación de servicio (restablecimiento del chip NPU o recarga de tarjeta de línea) mediante el envío de tramas manipuladas de PAUSE en el control de flujo de IEEE 802.3x en la red local, también conocido como Bug ID CSCut19959.",
      },
   ],
   id: "CVE-2015-4205",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 5.7,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 5.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2015-06-23T14:59:02.743",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39455",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/75352",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032691",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=39455",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/75352",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032691",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpPVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpPVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C3C4D0F-CAF7-44E8-9B7E-E45D00457A75",
                     versionEndExcluding: "6.2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D19A362A-DF30-4B02-832E-FB5389C9400E",
                     versionEndExcluding: "6.3.2",
                     versionStartIncluding: "6.3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CFFB34B7-8C3B-4C5F-8521-B6EAE9CBFBEA",
                     versionEndExcluding: "7.2.2",
                     versionStartIncluding: "6.5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause device packet memory to become exhausted or cause the IP SLA process to crash, resulting in a denial of service (DoS) condition. This vulnerability exists because socket creation failures are mishandled during the IP SLA and TWAMP processes. An attacker could exploit this vulnerability by sending specific IP SLA or TWAMP packets to an affected device. A successful exploit could allow the attacker to exhaust the packet memory, which will impact other processes, such as routing protocols, or crash the IP SLA process.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en las funciones de respuesta de los Acuerdos de Nivel de Servicio IP (IP SLA) y del Protocolo de Medición Activa de Dos Vías (TWAMP) de Cisco IOS XR Software podría permitir a un atacante remoto no autenticado causar el agotamiento de la memoria de paquetes del dispositivo o causar el bloqueo del proceso IP SLA, resultando en una condición de denegación de servicio (DoS). Esta vulnerabilidad Se presenta porque los fallos en la creación de sockets son manejados inapropiadamente durante los procesos IP SLA y TWAMP. Un atacante podría explotar esta vulnerabilidad mediante el envío de paquetes específicos de IP SLA o TWAMP a un dispositivo afectado. Una explotación con éxito podría permitir a un atacante agotar la memoria de paquetes, lo que afectaría a otros procesos, como los protocolos de enrutamiento, o bloquearía el proceso IP SLA",
      },
   ],
   id: "CVE-2021-34720",
   lastModified: "2024-11-21T06:11:02.663",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:11.463",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsla-ZA3SRrpP",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-771",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-11-26 04:15
Modified
2024-11-21 04:29
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypassVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypassVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.5.1
cisco ios_xr 6.5.2
cisco ios_xr 6.5.3
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2FD2C84-CD64-4C1C-BC38-2F7A2A6EEF45",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DE98B34-501B-449A-843A-58F297EDBE1B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to connect to the device on the NETCONF port. Valid credentials are required to access the device. This vulnerability does not affect connections to the default SSH process on the device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la lógica de control de acceso de NETCONF sobre Secure Shell (SSH) del Software Cisco IOS XR, puede permitir conexiones a pesar de una lista de control de acceso (ACL) configurada para denegar el acceso a NETCONF sobre SSH de un dispositivo afectado. La vulnerabilidad es debido a una falta de comprobación en la lista de control de acceso (ACL) de NETCONF sobre SSH. Un atacante podría explotar esta vulnerabilidad al conectarse en un dispositivo afectado usando NETCONF sobre SSH. Una explotación con éxito podría permitir al atacante conectar con el dispositivo en el puerto NETCONF. Unas credenciales válidas son requeridas para acceder al dispositivo. Esta vulnerabilidad no afecta las conexiones al proceso SSH predeterminado en el dispositivo.",
      },
   ],
   id: "CVE-2019-15998",
   lastModified: "2024-11-21T04:29:54.100",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.3,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-26T04:15:12.547",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191120-iosxr-ssh-bypass",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-284",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-09-20 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=41101Vendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1033623Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=41101Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033623Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr 5.2.0_base
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.0_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF27ECE7-0B44-4369-AC27-C23AEB9F7C8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.",
      },
      {
         lang: "es",
         value: "Vulnerabilidad en el servidor DHCPv6 en dispositivos ASR 9000 con software 5.2.0 Base, permite a atacantes remotos provocar una denegación de servicio (reinicio de proceso) a través de paquetes manipulados, también conocida como ID CSCun72171.",
      },
   ],
   id: "CVE-2015-6301",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2015-09-20T14:59:06.960",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41101",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033623",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41101",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033623",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2014-08-26 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.
References
psirt@cisco.comhttp://secunia.com/advisories/60222
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335Vendor Advisory
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=35416Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/69383
psirt@cisco.comhttp://www.securitytracker.com/id/1030757
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/95443
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60222
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=35416Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/69383
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030757
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/95443
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr 4.3.0
cisco ios_xr 4.3.1
cisco asr_9000_rsp440_router -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "88B692CE-4052-4F9D-8A87-3E93DCBAAD6D",
                     versionEndIncluding: "4.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "074571B4-65EF-451A-89DC-0797F6E4BFEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D909532E-85F5-4201-8BFF-561A21998D97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A580194-1B06-4D71-B618-345046DBA9C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR 4.3(.2) y anteriores en los dispositivos ASR 9000 no realiza debidamente el muestreo NetFlow de paquetes con direcciones MAC de destinos multicast, lo que permite a atacantes remotos causar una denegación de servicio (cuelgues de chip y tarjeta) a través de un paquete manipulado, también conocido como Bug ID CSCup77750.",
      },
   ],
   id: "CVE-2014-3335",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "HIGH",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 4.6,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:H/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.2,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2014-08-26T10:55:04.573",
   references: [
      {
         source: "psirt@cisco.com",
         url: "http://secunia.com/advisories/60222",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35416",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securityfocus.com/bid/69383",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securitytracker.com/id/1030757",
      },
      {
         source: "psirt@cisco.com",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95443",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/60222",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35416",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/69383",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1030757",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/95443",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-04-17 22:29
Modified
2024-11-21 04:37
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Summary
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/108026Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxraclVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108026Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxraclVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDD6EC92-3034-48C9-9A95-46585CAE18B6",
                     versionEndExcluding: "6.5.2",
                     versionStartIncluding: "5.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "77C49A71-2711-41E7-93E7-AD14F83A48D9",
                     versionEndExcluding: "6.6.1",
                     versionStartIncluding: "6.5.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this vulnerability by sending traffic through an affected device that should otherwise be denied by the configured ACL. An exploit could allow the attacker to bypass protection offered by a configured ACL on the affected device. There are workarounds that address this vulnerability. Affected Cisco IOS XR versions are: Cisco IOS XR Software Release 5.1.1 and later till first fixed. First Fixed Releases: 6.5.2 and later, 6.6.1 and later.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el indicador función de inspección de marcas TCP para listas de control de acceso (ACL) en ASR 9000 Series Aggregation Services de Cisco versión ASR 9000 Series podría permitir que un atacante remoto no identificado omita la protección ofrecida por una ACL configurada en un dispositivo afectado. La vulnerabilidad se debe a un procesamiento incorrecto de la ACL aplicada a una interfaz de un dispositivo afectado cuando se habilita el equilibrio de carga de Cisco Express Forwarding utilizando el algoritmo de hash de 3 tuplas. Un atacante podría aprovechar esta vulnerabilidad enviando tráfico por medio de un dispositivo afectado que, de lo contrario, debería ser rechazado por la ACL configurada. Una operación podría permitir al atacante omitir la protección ofrecida por una ACL configurada en el dispositivo afectado. Hay soluciones que abordan esta vulnerabilidad. Las versiones afectadas de Cisco IOS XR son: Cisco IOS XR Software Release versión 5.1.1 y posteriores hasta su primera reparación. Primeros lanzamientos fijos: versión 6.5.2 y posteriores, versión 6.6.1 y posteriores.",
      },
   ],
   id: "CVE-2019-1686",
   lastModified: "2024-11-21T04:37:05.900",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "LOW",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-04-17T22:29:00.360",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/108026",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/108026",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-iosxracl",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-284",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9VVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9VVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 16.12.3
cisco ios_xe 17.3.2
cisco ios_xe 17.6.2
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200 -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300 -
cisco catalyst_ie3300_rugged_switch -
cisco catalyst_ie3400 -
cisco catalyst_ie3400_heavy_duty_switch -
cisco catalyst_ie3400_rugged_switch -
cisco catalyst_ie9300 -
cisco cbr-8 -
cisco cg418-e -
cisco cg522-e -
cisco esr6300 -
cisco ess-3300-24t-con-a -
cisco ess-3300-24t-con-e -
cisco ess-3300-24t-ncp-a -
cisco ess-3300-24t-ncp-e -
cisco ess-3300-con-a -
cisco ess-3300-con-e -
cisco ess-3300-ncp-a -
cisco ess-3300-ncp-e -
cisco ess9300-10x-e -
cisco integrated_services_virtual_router -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5750264-2990-4942-85F4-DB9746C5CA2B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B270A04-9961-4E99-806B-441CD674AFBD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4856E07-B3C2-4674-9584-866F6AF643B2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0547E196-5991-4C33-823A-342542E9DFD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82225D40-537F-41D2-B1C4-1B7D06466B06",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8B60888-6E2B-494E-AC65-83337661EE7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE2514A1-486C-40F7-8746-56E2B973CBE6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2C3816C-95F4-443C-9C79-72F0251528F4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "542244A0-300C-4630-812A-BF45F61E38DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91209C16-A620-44A0-9134-8AA456343F29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "917B52DF-4210-4DD6-97EF-8A033497A954",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7C321E-F083-4AB6-96A0-D6358980441E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33208B25-0CBB-4E31-A892-60B7B5625155",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4376E56-A21C-4642-A85D-439C8E21CD7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "444F688F-79D0-4F22-B530-7BD520080B8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51F2A755-556C-4C5E-8622-96D124319AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7428E0A8-1641-47FB-9CA9-34311DEF660D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "854D9594-FE84-4E7B-BA21-A3287F2DC302",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C81CC6E3-B989-4730-820E-46734E3E608D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E673A75F-EFF8-4591-8E0F-A21083563DBA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "515CD97F-DDBD-4F75-A6DB-646890A30B32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E181FC9-6790-4C12-874F-67252B6879BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE063AF2-5579-4D7E-8829-9102FC7CB994",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4A46-10D3-48F8-9E92-377ACA447257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBE110B5-CC6E-4103-9983-4195BCC28165",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B97DDC45-ABD1-4C8F-A249-0865345637A4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FE4D129-435B-45DD-838D-4017BD94DF93",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "456C68A8-F3C8-4302-B55A-134979B42045",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C6733C-F77B-4688-B051-C1557F4D8D41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BD45D77-4097-4AFB-98DF-5B8188316C20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31608C12-FBED-4EAD-96EC-48BC4B356B77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D989205A-0576-415C-935E-E83AD42FD1CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C3EB40-574A-48F7-A679-90F62ED976B5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6CC6206-DF19-4636-84C2-8912E443D122",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85489F69-EAF0-4971-8C93-36838A8AA00E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA179D79-07E7-4721-85BB-0C740B516B1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "005F5347-A5E6-4954-ACAB-E4DF29119724",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "882B8D8F-E154-45C3-BB47-5353167C9776",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E87F823-D924-4718-AD81-248A6C619531",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E45BCCD0-65BB-431F-B448-221C1595CD92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F33BA722-0680-4074-8D03-41657F8CDCC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "295C46B4-5E9F-4DD8-861B-00BA43923306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F840171D-CA1C-4E25-BD41-6B871C47BB84",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B240B20-CF48-4A72-9653-9D04D59C1391",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74CCD143-3D6E-4880-B275-ECF5B04238C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D58FF034-8E07-4518-A858-5F16F22217E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "376AD386-373D-4B24-966F-D11F76C9020F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0C1174-C789-4547-9899-F7FCD0905F92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC366801-655A-403B-ACD9-3BB43802A3C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47E4D5A8-7E4A-44C5-81DC-84712781206D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B13D6D50-D0FA-4527-BED3-52560DDD5253",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "965BF315-D833-4711-97FC-512151113367",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04072C0F-78A2-4D10-87B2-52DC2537BA89",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD262F58-C47F-439E-A9FF-D1C60120D306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE9EABE0-5FB0-4277-A389-87732E750B7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B207857B-C483-47DF-9FC7-6A05B866BF60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04AB61E9-0148-495E-BD21-64D52DE60A6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85D2C587-E95B-4E74-88CF-5930072258D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74270062-2030-45A0-9C93-C1F3B7C88E8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F403859-F034-4DD9-9CA5-708EADECB380",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0972076B-5C87-44B3-90EC-4C200B89318A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74AED057-2458-4DE0-8D51-ABD766D07F68",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19538C03-5FB8-4401-8B21-489C629D7E7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B26D7061-F471-4DF0-A892-ED132958B84A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "033ED443-80E7-4012-9825-07AAC0D44B96",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD3F3CC6-A349-47B1-B282-B6458683C191",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "21AFDC0D-7629-424E-827B-C8A8767324C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A263CFF2-A659-405B-90EA-51E49B25C6D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CEFBD449-217D-4569-99F7-D56B853A3E07",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED668FC-D1A5-4175-A234-23760BA6E788",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D650C48-9241-42F7-87A9-20733329489A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82D345E7-8208-41AC-B11A-4425D29E98A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E386D461-F1C1-4970-B056-D6119E74D449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "226F985C-4669-4D0A-9DB4-CB1465B37B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B736A43-6F4E-40A9-84E4-D9E251489234",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E99CA124-7D86-463B-A31E-A7836B7493E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E014B028-8DD9-428C-B705-8F428F145932",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5306E847-C718-4C83-9C97-8AB498DC4A88",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18287CEF-B574-4498-A256-567CA6E6CA7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5713043E-2535-4540-B3EF-41FAC40BECE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67701D77-8B03-446A-AE22-4B8CCCD6F029",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "831A2390-7170-4FC0-A95E-3DAB1791017D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "493989DC-8F1B-45C9-AD11-38B97B958C9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F168FB20-0C44-4A5B-910A-04B9517545C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "737F22AB-C5A9-4A18-BA3D-38A222491397",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5508320-8318-41A8-8026-4A61907C1CD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "176ACF88-6112-4179-8492-50C50577B300",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D07FC868-0B38-4F24-BA40-87966FF80AB7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA59279-3504-417D-9E86-E5886EE198BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B0E620C-8E09-4F7C-A326-26013173B993",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EACA55A5-4E73-4187-96BE-08E04F2C7659",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "86879AC0-890E-42F4-9561-6851F38FE0AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:cbr-8:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB77D0EC-A448-4D97-8EB0-EA4956549A52",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:cg418-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C054973-91D8-439F-960F-02BF12A50632",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:cg522-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79252E00-2D94-44AA-8601-E4AB4EA38A76",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44D19136-4ECB-437F-BA8A-E2FE35A39BF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-con-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4C98B90-69B3-4BDF-A569-4C102498BFAD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-con-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7646B0A1-FDF5-4A60-A451-E84CE355302E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-ncp-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA889066-14A8-4D88-9EFF-582FE1E65108",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-24t-ncp-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0C09AE-CD2A-486A-82D4-2F26AA6B6B95",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-con-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BEF81CC0-AEED-42DE-B423-8F4E118680BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-con-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDAAFDF1-7A3C-475F-AE82-B3194939D401",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-ncp-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9566FC8C-0357-4780-976F-8A68E6A7D24A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess-3300-ncp-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "07503D21-965B-49F0-B8F2-B5ECD656F277",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ess9300-10x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "880B8176-B30D-443E-B5F1-1769B65978C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:integrated_services_virtual_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5361C70A-C036-4254-9698-BC58F48C465B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.",
      },
   ],
   id: "CVE-2023-20066",
   lastModified: "2024-11-21T07:40:28.413",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-03-23T17:15:14.547",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-23",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKfVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
                     versionEndIncluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
                     versionEndIncluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado con una cuenta de bajo privilegio elevar los privilegios en un dispositivo afectado. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Details de este aviso",
      },
   ],
   id: "CVE-2021-34719",
   lastModified: "2024-11-21T06:11:02.477",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:11.310",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privescal-dZYMrKf",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Intermediate System&ndash;to&ndash;Intermediate System (IS&ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS&ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS&ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS&ndash;IS process.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 4.3.2
cisco xr_12404 -
cisco xr_12406 -
cisco xr_12410 -
cisco xr_12416 -
cisco ios_xr 5.2.5
cisco ios_xr 6.2.2
cisco ios_xr 6.2.3
cisco ios_xr 6.2.25
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.2.25
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.2
cisco ios_xr 6.5.3
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.3.3
cisco ios_xr 6.3.15
cisco ios_xr 6.5.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.1
cisco ios_xr 6.6.25
cisco ncs_5500 -
cisco ncs_5501 -
cisco ncs_5502 -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.4.2
cisco crs -
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.2
cisco xrv_9000 -
cisco ios_xr 6.3.3
cisco ios_xr 6.5.3
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ios_xr 6.6.25
cisco ncs_560 -
cisco ios_xr 6.1.2
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.2
cisco ios_xr 6.2.3
cisco ios_xr 6.3.2
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.2
cisco asr_9000 -
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "73D962D3-563F-4CDE-B51D-224D7995FBC9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:xr_12404:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE1F838A-6CB9-4948-AC05-6C0CF412FF6D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xr_12406:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBE5027B-E4E9-4661-9480-F344D5AF7620",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xr_12410:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "198D511F-F024-4E91-B323-7F1CDA0AE4E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xr_12416:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ADE218D-CD09-4334-8C83-AFAC8D41F61E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F517C60E-4580-486E-9A03-82A023755374",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "11E58E99-E8DD-4AF1-BA44-7E81223AB1F7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D093D77E-66E3-4659-820E-F7E03A51A83C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "11E58E99-E8DD-4AF1-BA44-7E81223AB1F7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DE98B34-501B-449A-843A-58F297EDBE1B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D093D77E-66E3-4659-820E-F7E03A51A83C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.15:*:*:*:*:*:*:*",
                     matchCriteriaId: "31EC2C35-59C4-4827-89B6-F1A1EDEF8EFF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DE98B34-501B-449A-843A-58F297EDBE1B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0235F415-F327-4914-8E2A-96334984797D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D093D77E-66E3-4659-820E-F7E03A51A83C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F517C60E-4580-486E-9A03-82A023755374",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "540112FA-0329-4CD3-B57B-8CAA6DAC80C7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DE98B34-501B-449A-843A-58F297EDBE1B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of the Intermediate System&ndash;to&ndash;Intermediate System (IS&ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS&ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS&ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS&ndash;IS process.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad del protocolo de enrutamiento Intermediate System–to–Intermediate System (IS–IS) en Cisco IOS XR Software, podría permitir a un atacante remoto autenticado causar una condición de denegación de servicio (DoS) en el proceso IS–IS. La vulnerabilidad es debido al manejo inapropiado de una petición de Protocolo Simple Network Management Protocol (SNMP) para Object Identifiers (OIDs) específicos por el proceso IS–IS. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición SNMP diseñada hacia el dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una condición DoS en el proceso IS–IS.",
      },
   ],
   id: "CVE-2019-16027",
   lastModified: "2024-11-21T04:29:57.407",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "PARTIAL",
               baseScore: 4,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:S/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.7,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.1,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-26T05:15:16.677",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-dos",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-04-11 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=38292Vendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1032059
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=38292Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032059
Impacted products
Vendor Product Version
cisco ios_xr 5.3.0_base
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.0_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "74783CCE-2295-4FFE-9978-0E7751099D27",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.",
      },
      {
         lang: "es",
         value: "Los dispositivos Cisco ASR 9000 con software 5.3.0.BASE no reconocen que ciertas entradas ACL tienen una limitación de un anfitrión único, lo que permite a atacantes remotos evadir las restricciones de acceso de los recursos de la red mediante el uso de una dirección que se suponía que no se permitía, también conocido como Bug ID CSCur28806.",
      },
   ],
   id: "CVE-2015-0694",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2015-04-11T01:59:03.803",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38292",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securitytracker.com/id/1032059",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38292",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1032059",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-284",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-03-28 22:29
Modified
2025-01-27 19:58
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/103564Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1040586Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party Advisory, US Government Resource
psirt@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party Advisory, US Government Resource
psirt@cisco.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party Advisory, US Government Resource
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103564Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040586Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldpVendor Advisory
Impacted products
Vendor Product Version
cisco ios 5.2.0.base
cisco ios_xe 5.2.0.base
cisco ios_xr *
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_stratix_5900 -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_armorstratix_5700 -
rockwellautomation allen-bradley_stratix_5400 -
rockwellautomation allen-bradley_stratix_5410 -
rockwellautomation allen-bradley_stratix_5700 -
rockwellautomation allen-bradley_stratix_8000 -
cisco ios *
cisco ios_xe *
rockwellautomation allen-bradley_stratix_8300 -


To clipboard 

{
   cisaActionDue: "2022-03-17",
   cisaExploitAdd: "2022-03-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:5.2.0.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F1A8DE5-8DBB-4A09-A9F2-8B5AF5E46896",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:5.2.0.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "95ECCCEC-FA36-481E-B714-3DA57AE89C5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2213E83-7143-4ABF-9EFD-EB0928996464",
                     versionEndExcluding: "5.1.3",
                     versionStartIncluding: "4.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "65FB1D01-2A6F-496E-AD56-BBE03DEB9493",
                     versionEndIncluding: "15.6.3m1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E51621B6-010D-4D9F-9A9D-C354D8BB8135",
                     versionEndIncluding: "15.6.3m1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1609D07F-FF2D-49D8-8672-9C512A69479D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AEE6CC29-29A9-4465-B0EA-1ECC435EBC55",
                     versionEndIncluding: "15.2\\(6\\)e0a",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBBC562A-BC2C-4F64-B5D4-47C33BBEE3C7",
                     versionEndIncluding: "15.2\\(6\\)e0a",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:rockwellautomation:allen-bradley_armorstratix_5700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8849345-E011-4160-A91C-DB760497AF9A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE92939D-3D1E-445C-8888-F3EB4E35A034",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5410:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B148D62-D1B2-4E40-9DDD-A8702DFAD2E4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_5700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8994DEA7-C4EC-47B9-8AEA-832AF9D1F8E4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_8000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9A02987-E6F4-41D2-92C5-016A22AC7D0A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C7690EC4-F375-4D0A-8EED-26E01ECFDE55",
                     versionEndIncluding: "15.2\\(4a\\)ea5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C90778E3-4A55-498F-9CD6-80F8029AA722",
                     versionEndIncluding: "15.2\\(4a\\)ea5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:rockwellautomation:allen-bradley_stratix_8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A97B3B5-6606-46F5-BCD8-141FDD6F6729",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades de desbordamiento de búfer en el subsistema LLDP (Link Layer Discovery Protocol) de Cisco IOS Software, Cisco IOS XE Software y Cisco IOS XR Software podrían permitir que un atacante adyacente sin autenticar provoque una condición de denegación de servicio (DoS) o que ejecute código arbitrario con privilegios elevados en un dispositivo afectado. Cisco Bug IDs: CSCuo17183, CSCvd73487.",
      },
   ],
   id: "CVE-2018-0167",
   lastModified: "2025-01-27T19:58:42.990",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 8.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-03-28T22:29:00.907",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/103564",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040586",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/103564",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040586",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-03",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-09-13 17:15
Modified
2024-11-21 07:40
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgBVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgBVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco 8201 -
cisco 8202 -
cisco 8208 -
cisco 8212 -
cisco 8218 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_4009 -
cisco ncs_4016 -
cisco ncs_4201 -
cisco ncs_4202 -
cisco ncs_4206 -
cisco ncs_4216 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5504 -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ncs_57b1-5dse-sys -
cisco ncs_57b1-6d24-sys -
cisco ncs_57c1-48q6-sys -
cisco ncs_57c3-mod-sys -
cisco ncs_57c3-mods-sys -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F31C819-2725-4295-8FF3-BA00A7A6BE92",
                     versionEndExcluding: "7.10.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A34DAD43-0C95-4830-8078-EFE3E6C0A930",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "46F5CBF0-7F55-44C0-B321-896BDBA22679",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D381E343-416F-42AF-A780-D330954F238F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE2514A1-486C-40F7-8746-56E2B973CBE6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41C5ECF8-EFFE-4C27-8DCB-2533BFD5200F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "68C23248-3D61-4BAF-9602-BA31FB4374DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4206:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C36494B4-8E2D-4399-97B5-725792BD5C45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4216:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0819EF17-5102-45FF-96AD-85BE17FD6921",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
                     matchCriteriaId: "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
                     matchCriteriaId: "603980FE-9865-4A71-A37C-A90B7F3B72D6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5504:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6AC4E089-296D-4C19-BF21-DDF2501DD77C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "13EEDD1C-25BC-4AFA-AF60-66DE36927528",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5CD3B06B-864E-4A35-B0C3-1654390022D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD1B4F37-5AAA-4F40-8865-226289CB5CEB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "355F78C3-C07F-48C3-9B6E-55714EAA7331",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98F06B5D-6CE8-42C3-8760-89B4EF1FFC21",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device.\r\n\r This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la función de arranque iPXE del software Cisco IOS XR podría permitir que un atacante local autenticado instale una imagen de software no verificada en un dispositivo afectado. Esta vulnerabilidad se debe a una verificación de imagen insuficiente. Un atacante podría aprovechar esta vulnerabilidad manipulando los parámetros de arranque para la verificación de imágenes durante el proceso de arranque iPXE en un dispositivo afectado. Una explotación exitosa podría permitir al atacante iniciar una imagen de software no verificada en el dispositivo afectado.",
      },
   ],
   id: "CVE-2023-20236",
   lastModified: "2024-11-21T07:40:57.700",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-09-13T17:15:09.607",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-347",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-345",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-09-30 19:15
Modified
2024-11-21 06:43
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNzVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNzVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 17.6.1
cisco ios_xe 17.6.3
cisco ios_xe 17.9.1
cisco 1000_integrated_services_router -
cisco 1100-4g\/6g_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 3000_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 4321_integrated_services_router -
cisco 4331_integrated_services_router -
cisco 4351_integrated_services_router -
cisco 4431_integrated_services_router -
cisco 4451-x_integrated_services_router -
cisco 4451_integrated_services_router -
cisco 4461_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr-920-10sz-pd -
cisco asr-920-12cz-a -
cisco asr-920-12cz-d -
cisco asr-920-12sz-a -
cisco asr-920-12sz-d -
cisco asr-920-12sz-im -
cisco asr-920-12sz-im-cc -
cisco asr-920-20sz-m -
cisco asr-920-24sz-im -
cisco asr-920-24sz-m -
cisco asr-920-24tz-im -
cisco asr-920-24tz-m -
cisco asr-920-4sz-a -
cisco asr-920-4sz-d -
cisco asr-9901-rp -
cisco asr_1000 -
cisco asr_1000-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-10sz-pd_router -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-a_router -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12cz-d_router -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-12sz-im_router -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-im_router -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24sz-m_router -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-24tz-m_router -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-a_router -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920-4sz-d_router -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco asr1000-2t\+20x1ge -
cisco asr1000-6tge -
cisco asr1000-esp200 -
cisco asr1000-mip100 -
cisco asr1000-rp3 -
cisco asr1001-hx -
cisco asr1001-hx-rf -
cisco asr1001-x -
cisco asr1001-x-rf -
cisco asr1001-x-ws -
cisco asr1002-hx -
cisco asr1002-hx-rf -
cisco asr1002-hx-ws -
cisco asr1002-x -
cisco asr1002-x-rf -
cisco asr1002-x-ws -
cisco catalyst_3650 -
cisco catalyst_3650-12x48fd-e -
cisco catalyst_3650-12x48fd-l -
cisco catalyst_3650-12x48fd-s -
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48uq-e -
cisco catalyst_3650-12x48uq-l -
cisco catalyst_3650-12x48uq-s -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48ur-e -
cisco catalyst_3650-12x48ur-l -
cisco catalyst_3650-12x48ur-s -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-12x48uz-e -
cisco catalyst_3650-12x48uz-l -
cisco catalyst_3650-12x48uz-s -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pd-e -
cisco catalyst_3650-24pd-l -
cisco catalyst_3650-24pd-s -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-24pdm-e -
cisco catalyst_3650-24pdm-l -
cisco catalyst_3650-24pdm-s -
cisco catalyst_3650-24ps-e -
cisco catalyst_3650-24ps-l -
cisco catalyst_3650-24ps-s -
cisco catalyst_3650-24td-e -
cisco catalyst_3650-24td-l -
cisco catalyst_3650-24td-s -
cisco catalyst_3650-24ts-e -
cisco catalyst_3650-24ts-l -
cisco catalyst_3650-24ts-s -
cisco catalyst_3650-48fd-e -
cisco catalyst_3650-48fd-l -
cisco catalyst_3650-48fd-s -
cisco catalyst_3650-48fq -
cisco catalyst_3650-48fq-e -
cisco catalyst_3650-48fq-l -
cisco catalyst_3650-48fq-s -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-48fqm-e -
cisco catalyst_3650-48fqm-l -
cisco catalyst_3650-48fqm-s -
cisco catalyst_3650-48fs-e -
cisco catalyst_3650-48fs-l -
cisco catalyst_3650-48fs-s -
cisco catalyst_3650-48pd-e -
cisco catalyst_3650-48pd-l -
cisco catalyst_3650-48pd-s -
cisco catalyst_3650-48pq-e -
cisco catalyst_3650-48pq-l -
cisco catalyst_3650-48pq-s -
cisco catalyst_3650-48ps-e -
cisco catalyst_3650-48ps-l -
cisco catalyst_3650-48ps-s -
cisco catalyst_3650-48td-e -
cisco catalyst_3650-48td-l -
cisco catalyst_3650-48td-s -
cisco catalyst_3650-48tq-e -
cisco catalyst_3650-48tq-l -
cisco catalyst_3650-48tq-s -
cisco catalyst_3650-48ts-e -
cisco catalyst_3650-48ts-l -
cisco catalyst_3650-48ts-s -
cisco catalyst_3650-8x24pd-e -
cisco catalyst_3650-8x24pd-l -
cisco catalyst_3650-8x24pd-s -
cisco catalyst_3650-8x24uq -
cisco catalyst_3650-8x24uq-e -
cisco catalyst_3650-8x24uq-l -
cisco catalyst_3650-8x24uq-s -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9400 -
cisco catalyst_9400_supervisor_engine-1 -
cisco catalyst_9407r -
cisco catalyst_9410r -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-80 -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_ie3200 -
cisco catalyst_ie3300 -
cisco catalyst_ie3400 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B78942C-BEE1-4D18-9075-8E1D991BF621",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B0C2129-8149-4362-827C-A5494C9D398B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4856E07-B3C2-4674-9584-866F6AF643B2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0547E196-5991-4C33-823A-342542E9DFD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:3000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B8C4D97-A430-45FB-9EF5-B6E4DBA1BD31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9421DBEF-AE42-4234-B49F-FCC34B804D7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5419CB9F-241F-4431-914F-2659BE27BEA5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DE02DBE-EAD5-4F37-8AB7-DF46A605A0E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "818CEFA6-208C-43C3-8E43-474A93ADCF21",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82225D40-537F-41D2-B1C4-1B7D06466B06",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8B60888-6E2B-494E-AC65-83337661EE7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE2514A1-486C-40F7-8746-56E2B973CBE6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2C3816C-95F4-443C-9C79-72F0251528F4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "542244A0-300C-4630-812A-BF45F61E38DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "11B83BED-5A49-4CF0-9827-AA291D01F60E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C1E8937-51D9-43E6-876E-5D39AD3D32C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CA7AE63-99B9-4F28-8670-639A9B31E494",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E858B4AB-49B1-4F1C-8722-6E6911194924",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D9ECE39-C111-412B-AF56-9B7435D98FE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-12sz-im-cc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "577D1BF2-5180-4301-941C-3C0ADDD23AA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-20sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60DFE60A-34C5-42C3-B539-57AAA9D4F684",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1B25F27-6527-46F8-9C1A-4B4F79F3E6C4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FE70CCD-6062-45D8-8566-7C9E237E030F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24tz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA3A897-ED4E-417F-BA6C-C1A825A210F6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "375F9E12-A61B-4FD3-AE07-D4E686EB112A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D724F932-4548-429D-8CAA-E82C3435A194",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr-9901-rp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE36709F-DCF2-428F-8746-9C5096182E87",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91209C16-A620-44A0-9134-8AA456343F29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE2182E7-C813-4966-A36C-E648A9344299",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7C321E-F083-4AB6-96A0-D6358980441E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33208B25-0CBB-4E31-A892-60B7B5625155",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4376E56-A21C-4642-A85D-439C8E21CD7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "444F688F-79D0-4F22-B530-7BD520080B8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51F2A755-556C-4C5E-8622-96D124319AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7428E0A8-1641-47FB-9CA9-34311DEF660D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "854D9594-FE84-4E7B-BA21-A3287F2DC302",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C81CC6E3-B989-4730-820E-46734E3E608D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E673A75F-EFF8-4591-8E0F-A21083563DBA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "515CD97F-DDBD-4F75-A6DB-646890A30B32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E181FC9-6790-4C12-874F-67252B6879BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE063AF2-5579-4D7E-8829-9102FC7CB994",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4A46-10D3-48F8-9E92-377ACA447257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBE110B5-CC6E-4103-9983-4195BCC28165",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B97DDC45-ABD1-4C8F-A249-0865345637A4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D8A748B-DDA9-4F0B-9AAA-F9A62BBC3DCB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FE4D129-435B-45DD-838D-4017BD94DF93",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "456C68A8-F3C8-4302-B55A-134979B42045",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F681230-2530-4ED9-85E9-FE7A57FCF2F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C6733C-F77B-4688-B051-C1557F4D8D41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E3D23C1-FE0E-4D33-9E89-07A4135E1360",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BD45D77-4097-4AFB-98DF-5B8188316C20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E598123-4AF8-44F6-BE87-9F62007FF658",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31608C12-FBED-4EAD-96EC-48BC4B356B77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC28F05-20D0-4518-93FF-F254BA81E4B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D989205A-0576-415C-935E-E83AD42FD1CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D2BCA1C7-5642-4A2B-9E61-B141E70E098A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C3EB40-574A-48F7-A679-90F62ED976B5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6CC6206-DF19-4636-84C2-8912E443D122",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C27ED272-FCA6-4002-93E1-EF0B89C84572",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85489F69-EAF0-4971-8C93-36838A8AA00E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAD184DD-8774-4C18-BE53-BC6B133B01C8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22F587F6-876D-4AE4-B6BD-ED50D47F5361",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA179D79-07E7-4721-85BB-0C740B516B1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "9FF5102C-3163-48F1-8D44-352D6715288D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-2t\\+20x1ge:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "77D24BB4-6357-4BFC-A4CB-B33ECDEB3BEE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-6tge:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B1F849A-05BA-4CA2-96AA-F8DFD5E725A5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-esp200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB060D83-2924-4D1D-9FEE-F8087FA8976D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-mip100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CF4D0E5-FF09-4919-B603-B42DB535386C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1000-rp3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22C36989-4353-4B81-8B0F-FC6322C1C179",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C24227E-9FF6-4757-A342-958CA4B8BF63",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-hx-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E529335-18D1-4CEC-A8D5-CC1CA33D64F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3072DEFA-61D6-413F-97FD-F64C0E90155C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-x-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9FBFB5C-347B-4F73-93BE-4D3137D8F93A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1001-x-ws:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F040372-CDAD-4AC4-9B7C-BFF9658B6BF2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C33862F1-652A-4F60-BD3E-A6B3733E56A9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-hx-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "130205FD-CA31-4E49-B8C4-181840270C70",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-hx-ws:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "908A56D8-64AF-4813-9D4D-C429C0603A31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03A2AA1C-7568-4BB6-BBD3-8E03D32CDA1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-x-rf:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "53DAF422-7E0B-44EB-AD8D-4643A9711739",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr1002-x-ws:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F7F661E-335C-4123-9363-E2E5D51846C1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "592F67D5-344B-49AF-A277-1089A40AC2FD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7434059A-25B8-4FAC-A756-6E571348B76E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB2A5355-BF40-437C-8683-A7A81DEE362C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43F4B90E-3499-45D4-864D-18505E2149F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "858FEECF-CC69-4E68-8E8A-674643021964",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE5FCCFF-E491-474F-9B86-AB51D8244582",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B39F250E-6A89-4537-BD31-1FB81734A9A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8904EAF5-25E7-4A6B-8117-1859F913B83B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A369CD35-1242-4556-A83D-BD69CC149CFA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "784A1499-1F33-493D-B433-EB2550C03C19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "59A990D6-B748-4AFD-B924-1D19680BD3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF3818CC-8653-4A9E-A57B-950A15914D6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F331F13-5D05-4213-B442-D48D8E22287B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA32EA3F-946D-430D-B00F-939D828DD72C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D239A09C-34D2-4418-B538-03A1080B8479",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C84561E-DD99-4433-9EF2-083F7C300123",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39CD9189-6524-4157-B90E-FF6A81DE3599",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "96269625-CB31-4850-872B-B2C1321B13B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "426B68A6-3A41-43DB-846F-AEFBA62E221B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C680534-C663-40B0-A4AA-7F292EE60FE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A528EC0-4650-4787-BE52-A588E7E38A31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "53898E96-03D6-43A2-AE05-46C62464BD26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9FA66D9-E465-406E-A95C-608A1BE34D74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1456B204-A2A5-4790-A684-7F50D692EC9F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CD10664-94D0-48C0-92EF-E8EA66841245",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E988448-36C9-47E0-9356-DA400EB824E3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D067EF9-00DB-4979-B12E-55749059A083",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9FA300A-44B1-44EE-8111-C1296EB0B638",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D28306B1-3DDE-4444-9784-522B3D2163EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9257D187-1F2D-40F4-8C87-78978DB56C3F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "25AE251E-E99F-4546-85B0-C57834B040B7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C62FFCB9-4253-459B-9298-C252DA9177DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "005F5347-A5E6-4954-ACAB-E4DF29119724",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "882B8D8F-E154-45C3-BB47-5353167C9776",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E87F823-D924-4718-AD81-248A6C619531",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E45BCCD0-65BB-431F-B448-221C1595CD92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F33BA722-0680-4074-8D03-41657F8CDCC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "295C46B4-5E9F-4DD8-861B-00BA43923306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F840171D-CA1C-4E25-BD41-6B871C47BB84",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B240B20-CF48-4A72-9653-9D04D59C1391",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74CCD143-3D6E-4880-B275-ECF5B04238C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D58FF034-8E07-4518-A858-5F16F22217E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "376AD386-373D-4B24-966F-D11F76C9020F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0C1174-C789-4547-9899-F7FCD0905F92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC366801-655A-403B-ACD9-3BB43802A3C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47E4D5A8-7E4A-44C5-81DC-84712781206D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B13D6D50-D0FA-4527-BED3-52560DDD5253",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "965BF315-D833-4711-97FC-512151113367",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04072C0F-78A2-4D10-87B2-52DC2537BA89",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD262F58-C47F-439E-A9FF-D1C60120D306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE9EABE0-5FB0-4277-A389-87732E750B7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B207857B-C483-47DF-9FC7-6A05B866BF60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04AB61E9-0148-495E-BD21-64D52DE60A6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85D2C587-E95B-4E74-88CF-5930072258D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74270062-2030-45A0-9C93-C1F3B7C88E8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F403859-F034-4DD9-9CA5-708EADECB380",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0972076B-5C87-44B3-90EC-4C200B89318A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74AED057-2458-4DE0-8D51-ABD766D07F68",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19538C03-5FB8-4401-8B21-489C629D7E7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B26D7061-F471-4DF0-A892-ED132958B84A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "033ED443-80E7-4012-9825-07AAC0D44B96",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD3F3CC6-A349-47B1-B282-B6458683C191",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "21AFDC0D-7629-424E-827B-C8A8767324C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A263CFF2-A659-405B-90EA-51E49B25C6D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CEFBD449-217D-4569-99F7-D56B853A3E07",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED668FC-D1A5-4175-A234-23760BA6E788",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D650C48-9241-42F7-87A9-20733329489A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82D345E7-8208-41AC-B11A-4425D29E98A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E386D461-F1C1-4970-B056-D6119E74D449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "226F985C-4669-4D0A-9DB4-CB1465B37B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B736A43-6F4E-40A9-84E4-D9E251489234",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E99CA124-7D86-463B-A31E-A7836B7493E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E014B028-8DD9-428C-B705-8F428F145932",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5306E847-C718-4C83-9C97-8AB498DC4A88",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18287CEF-B574-4498-A256-567CA6E6CA7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5713043E-2535-4540-B3EF-41FAC40BECE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67701D77-8B03-446A-AE22-4B8CCCD6F029",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "831A2390-7170-4FC0-A95E-3DAB1791017D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "493989DC-8F1B-45C9-AD11-38B97B958C9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F168FB20-0C44-4A5B-910A-04B9517545C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "737F22AB-C5A9-4A18-BA3D-38A222491397",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E5DCFD5-2B46-4D06-9E4C-B2325F440F02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5508320-8318-41A8-8026-4A61907C1CD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "176ACF88-6112-4179-8492-50C50577B300",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D07FC868-0B38-4F24-BA40-87966FF80AB7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA59279-3504-417D-9E86-E5886EE198BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B0E620C-8E09-4F7C-A326-26013173B993",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EACA55A5-4E73-4187-96BE-08E04F2C7659",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la funcionalidad de procesamiento UDP del software Cisco IOS XE para controladores inalámbricos integrados en los puntos de acceso de la serie Catalyst 9100 podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). Esta vulnerabilidad es debido al procesamiento inapropiado de los datagramas UDP. Un atacante podría aprovechar esta vulnerabilidad mediante el envío de datagramas UDP maliciosos a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar a el dispositivo recargarse, resultando en una condición de DoS",
      },
   ],
   id: "CVE-2022-20848",
   lastModified: "2024-11-21T06:43:40.767",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-09-30T19:15:12.430",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-udp-dos-XDyEwhNz",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-03-09 22:15
Modified
2024-11-21 07:40
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbTVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbTVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr 7.7
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "873225C3-D2D1-41C0-9C75-016E53A7BBEB",
                     versionEndExcluding: "7.5.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "864E90A6-B93D-4213-85D8-A2D847848A9E",
                     versionEndExcluding: "7.6.2",
                     versionStartIncluding: "7.6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C8039EF-44D6-4C19-A3B3-37B75FB8D640",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads.",
      },
   ],
   id: "CVE-2023-20049",
   lastModified: "2024-11-21T07:40:26.213",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-03-09T22:15:52.200",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bfd-XmRescbT",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-805",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2014-07-24 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.
References
psirt@cisco.comhttp://secunia.com/advisories/60311
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322Vendor Advisory
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=35009Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/68833Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1030623Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60311
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=35009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/68833Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030623Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr 4.3.0
cisco ios_xr 4.3.1
cisco asr_9000_rsp440_router -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "88B692CE-4052-4F9D-8A87-3E93DCBAAD6D",
                     versionEndIncluding: "4.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "074571B4-65EF-451A-89DC-0797F6E4BFEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D909532E-85F5-4201-8BFF-561A21998D97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A580194-1B06-4D71-B618-345046DBA9C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR 4.3(.2) y anteriores en los dispositivos ASR 9000 no realiza debidamente el muestreo NetFlow de paquetes IP, lo que permite a atacantes remotos causar una denegación de servicio (cuelgues de chip y tarjeta) a través de paquetes (1) IPv4 o (2) IPv6 malformados, también conocido como Bug ID CSCuo68417.",
      },
   ],
   id: "CVE-2014-3322",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2014-07-24T14:55:07.723",
   references: [
      {
         source: "psirt@cisco.com",
         url: "http://secunia.com/advisories/60311",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35009",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/68833",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030623",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/60311",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3322",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=35009",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/68833",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030623",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-08-29 16:15
Modified
2025-02-24 15:39
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.4.2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   cisaActionDue: "2022-05-03",
   cisaExploitAdd: "2021-11-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address this vulnerability.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la funcionalidad del Distance Vector Multicast Routing Protocol (DVMRP) de Cisco IOS XR Software, podría permitir a un atacante remoto no autenticado agotar la memoria de proceso de un dispositivo afectado. La vulnerabilidad es debido a una gestión de cola insuficiente para los paquetes Internet Group Management Protocol (IGMP). Un atacante podría explotar esta vulnerabilidad mediante el envío de tráfico IGMP diseñado hacia un dispositivo afectado. Una explotación con éxito podría permitir a un atacante agotar la memoria, resultando en una inestabilidad de otros procesos. Estos procesos pueden incluir, pero no se limitan a, protocolos de enrutamiento interior y exterior. Cisco lanzará actualizaciones de software que abordan esta vulnerabilidad",
      },
   ],
   id: "CVE-2020-3566",
   lastModified: "2025-02-24T15:39:27.530",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-08-29T16:15:09.797",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-770",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-07-22 14:59
Modified
2025-04-12 10:46
Severity ?
Summary
The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=40067Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/75980
psirt@cisco.comhttp://www.securitytracker.com/id/1033017
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=40067Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75980
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033017
Impacted products
Vendor Product Version
cisco ios_xr 5.3.0
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5F1F85C-B63F-4D6F-9918-4A5E4945B96B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.",
      },
      {
         lang: "es",
         value: "El proceso Concurrent Data Management Replication en Cisco IOS XR 5.3.0 en los dispositivos ASR 9000, permite a atacantes remotos provocar una denegación de servicio (recarga del proceso BGP) a través de paquetes BGPv4 deformados, también conocido como Bug ID CSCur70670.",
      },
   ],
   id: "CVE-2015-4284",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2015-07-22T14:59:02.377",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40067",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securityfocus.com/bid/75980",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securitytracker.com/id/1033017",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=40067",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/75980",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1033017",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
                     versionEndIncluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
                     versionEndIncluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.",
      },
      {
         lang: "es",
         value: "Varias vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado conseguir acceso al shell root subyacente de un dispositivo afectado y ejecutar comandos arbitrario con privilegios de root. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Details de este aviso",
      },
   ],
   id: "CVE-2021-34721",
   lastModified: "2024-11-21T06:11:02.840",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.9,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.4,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:11.677",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-09-18 22:59
Modified
2025-04-12 10:46
Severity ?
Summary
The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=41060Vendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1033614Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=41060Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033614Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr 5.2.0_base
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.0_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "AF27ECE7-0B44-4369-AC27-C23AEB9F7C8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.",
      },
      {
         lang: "es",
         value: "Vulnerabilidad en el servidor DHCPv6 en Cisco IOS en dispositivos ASR 9000 con software 5.2.0 Base, permite a atacantes remotos provocar una denegación de servicio (reinicio de proceso) a través de paquetes manipulados, también conocida como Bug ID CSCun36525.",
      },
   ],
   id: "CVE-2015-6297",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2015-09-18T22:59:04.343",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41060",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033614",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=41060",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1033614",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2016-05-25 01:59
Modified
2025-04-12 10:46
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xrVendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1035934
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xrVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035934
Impacted products
Vendor Product Version
cisco ios_xr 2.0.0
cisco ios_xr 3.0.0
cisco ios_xr 3.0.1
cisco ios_xr 3.2.0
cisco ios_xr 3.2.1
cisco ios_xr 3.2.2
cisco ios_xr 3.2.3
cisco ios_xr 3.2.4
cisco ios_xr 3.2.6
cisco ios_xr 3.2.50
cisco ios_xr 3.3.0
cisco ios_xr 3.3.1
cisco ios_xr 3.3.2
cisco ios_xr 3.3.3
cisco ios_xr 3.3.4
cisco ios_xr 3.4.0
cisco ios_xr 3.4.1
cisco ios_xr 3.4.2
cisco ios_xr 3.4.3
cisco ios_xr 3.5.0
cisco ios_xr 3.5.2
cisco ios_xr 3.5.3
cisco ios_xr 3.5.4
cisco ios_xr 3.6.0
cisco ios_xr 3.6.1
cisco ios_xr 3.6.2
cisco ios_xr 3.6.3
cisco ios_xr 3.6_base
cisco ios_xr 3.7.0
cisco ios_xr 3.7.1
cisco ios_xr 3.7.2
cisco ios_xr 3.7.3
cisco ios_xr 3.7_base
cisco ios_xr 3.8.0
cisco ios_xr 3.8.1
cisco ios_xr 3.8.2
cisco ios_xr 3.8.3
cisco ios_xr 3.8.4
cisco ios_xr 3.9.0
cisco ios_xr 3.9.1
cisco ios_xr 3.9.2
cisco ios_xr 3.9.3
cisco ios_xr 4.0.0
cisco ios_xr 4.0.1
cisco ios_xr 4.0.2
cisco ios_xr 4.0.3
cisco ios_xr 4.0.4
cisco ios_xr 4.0.11
cisco ios_xr 4.0_base
cisco ios_xr 4.1.0
cisco ios_xr 4.1.1
cisco ios_xr 4.1.2
cisco ios_xr 4.1_base
cisco ios_xr 4.2.0
cisco ios_xr 4.2.1
cisco ios_xr 4.2.2
cisco ios_xr 4.2.3
cisco ios_xr 4.2.4
cisco ios_xr 4.3.0
cisco ios_xr 4.3.1
cisco ios_xr 4.3.2
cisco ios_xr 4.3.3
cisco ios_xr 4.3.4
cisco ios_xr 5.0.0
cisco ios_xr 5.0.1
cisco ios_xr 5.0_base
cisco ios_xr 5.1.0
cisco ios_xr 5.1.1.k9sec
cisco ios_xr 5.1.2
cisco ios_xr 5.1.3
cisco ios_xr 5.2.0
cisco ios_xr 5.2.1
cisco ios_xr 5.2.2
cisco ios_xr 5.2.3
cisco ios_xr 5.2.4
cisco ios_xr 5.2.5
cisco ios_xr 5.3.0
cisco ios_xr 5.3.1
cisco ios_xr 5.3.2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:2.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D3B3B33-1527-46B2-B920-A1259DE35931",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D0B0295-3527-449A-8C1E-C4C0BEF91FCC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "778F5573-0741-442F-AFFA-937053F8280C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3C44A02-B712-439E-A3B0-92B58190E8F5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C46BE68F-FFA9-4DF0-B407-1F5576047B6C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "A88B45F0-B1D1-4680-A29E-2C8A167573D2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C428048-198D-4672-B204-7F9C5D7EB078",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.2.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "265062D1-20BB-4B51-9407-AAA8F83A4D08",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.2.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A54FA9F-5C8D-402C-8728-1C308F550375",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.2.50:*:*:*:*:*:*:*",
                     matchCriteriaId: "9FDF9D75-6713-427F-A65F-1D59911A410B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA5EB6D3-5F0B-4367-85E3-78EF80C4E3CD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "20048020-E135-4D94-A2F5-E4279E35C2D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B9D038B2-E87A-4008-B317-841E0BCA1477",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E1811B6-737F-407C-8AB0-63E6B031D5AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.3.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E140490A-7295-4BCF-A0F5-BD866D7AC3CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "00DA2581-F618-4F2A-AB65-DA23DF51AF89",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "81797938-F953-42BE-B287-AA48B9860AF6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "92AED038-C73F-4499-B064-F01D80DB0C64",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.4.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB7A249B-AF69-47D0-B6DE-968B4CD0BA42",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDAC45C4-F9AC-4754-8C47-FDA9C677E3EE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.5.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5F15240-6323-4766-801A-D887F3EA8A6B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D99DC1CF-78DC-4E59-98BA-DD84702D6467",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.5.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B9FA754-E3D2-4D80-8F4B-41139973D9FC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F497A05C-2FC5-427D-8036-2476ACA956C0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "2252E7B0-9112-4E9E-8CF4-4EC53C630CFD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "1131A524-AA7A-4C94-9FFE-54546EA7D2CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "46D1A634-D39C-4305-8915-4AA289FB68EE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.6_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "37318A4A-B022-406F-9CC4-891D3D02C2FF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "21BAB799-3150-46D8-AEA3-9FCC73203221",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.7.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "99042285-94AC-4C57-8EAA-EE63C678A94A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.7.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E752AA9-CC1C-44B6-A916-A3C76A57F05C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.7.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "71CBE50E-9BD3-4F74-8C7A-BE4905090EE2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.7_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "5ACF4A41-1D8D-4FEA-B139-E6EE77AF2A96",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "96F48419-AF66-4B50-ACBF-9E38287A64FA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBB71A24-AA6C-4BAD-BD37-5C191751C9DF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A20B6A9-27B7-4F42-B88D-F4AACC9BC24D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "79164FAE-AE31-4DA2-B4C2-7879268BA29E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "9B9A223A-7A0A-4E31-B8A1-C809373A799D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1ECAB9C3-9248-4663-ABAE-31FFC969EF3A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.9.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "10596213-9D2B-48A3-A733-744D41E90419",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.9.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "A07DCCD1-85D5-4ED2-B845-8C6EAC7E9D9B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:3.9.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "562D3E94-DAC9-42DB-A1E0-98E527590876",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F57421B-F54C-4C50-8B25-AF787E541C5A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "3A865225-6AEA-430D-8DB6-E70F7ED5E547",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DA73AC0-1CD2-4B6B-940A-DBB0C97E2C09",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "39F8B336-0DFA-41CE-9EFF-89A09BBDC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A1D1B60-C94F-44BF-8194-7758394E31C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0.11:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B9D9B4A-1D3D-464F-919D-DFA0011F5980",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "59150CDC-27BE-4578-B1D6-AAAB2874E20D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BFD77AF-358B-4385-BA8E-1BE9AC166825",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E593EF3-133A-4E15-9B86-6B451F5C0159",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BB49EB2-2D99-4C45-80B7-48299A1EBF30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.1_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "5169C809-B809-4781-A632-F0814C7D7902",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB6ABB63-E2D2-42F7-B648-BF6002D1C05E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "58FEC4F2-040A-4D23-8FE0-BC55020766BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "82520CBD-F42F-4E2D-9D36-878737779690",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "4DB87708-B088-47F7-BABA-2CD456766897",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.2.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "AFC1194B-56AC-4850-88B0-5EDFF92FABFC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "074571B4-65EF-451A-89DC-0797F6E4BFEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D909532E-85F5-4201-8BFF-561A21998D97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "73D962D3-563F-4CDE-B51D-224D7995FBC9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "06028637-0F8D-4554-8465-7C70EE3B0944",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "55C35B00-49C6-4913-8673-3A1BB122A103",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F7620A88-C4B3-4184-846F-1E3FD8A751EB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "96BFB5A5-EF04-4334-9A62-558A375DE768",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.0_base:*:*:*:*:*:*:*",
                     matchCriteriaId: "E833219C-7887-4A1C-B616-CDB1AFD7A366",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9839DC3C-8B8A-49D5-9E50-BB7C4BCE5878",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.1.k9sec:*:*:*:*:*:*:*",
                     matchCriteriaId: "C754F1D8-81E5-45BB-A4E1-1F9D773F2979",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "61C1B066-9DED-46D7-9DF7-AB55DF01B80F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "53E2D669-70EA-455E-BC9C-E97065502DD1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE1DFA18-E6D7-4F1D-8D9B-70323B2983AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "95175A2E-14DB-4730-93EA-2291ED7E0DFC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB5452CA-E4DF-49FD-A677-3F6257F14707",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5EFC65A-C469-4267-9C0B-DD25E2E8C0F4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DABC2A4-B161-4597-B053-0ECEFCCDD89F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5F1F85C-B63F-4D6F-9918-4A5E4945B96B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "17A89483-1BC3-4F23-AEAC-C26E7E211CCE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4695DF36-5DC7-430B-8266-BF07FD2E7EFC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR hasta la versión 5.3.2 no maneja correctamente las entradas basadas en los flujos Local Packet Transport Services (LPTS), lo que permite a atacantes remotos provocar una denegación de servicio (caída de sesión) haciendo muchos intentos de conexión para abrir puertos TCP, también conocida como Bug ID CSCux95576.",
      },
   ],
   id: "CVE-2016-1407",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2016-05-25T01:59:10.773",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securitytracker.com/id/1035934",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160519-ios-xr",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1035934",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-04-19 20:29
Modified
2024-11-21 03:37
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/103929Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1040710Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxrVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103929Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040710Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxrVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 4.0.4.base
cisco ios_xr 4.1.3.base
cisco ios_xr 4.2.4.base
cisco ios_xr 4.3.4.base
cisco ios_xr 4.4.3.ce
cisco ios_xr 5.0.3.ce
cisco ios_xr 5.1.4.base
cisco ios_xr 5.2.5.ce
cisco ios_xr 5.3.4.base
cisco ios_xr 5.4.3.ce
cisco ios_xr 6.0.4.base
cisco ios_xr 6.1.4.base
cisco ios_xr 6.2.3.base
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.0.4.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "527A8627-BB02-420C-8455-88E513FE1E5B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.1.3.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "47A44BA1-9644-4828-A237-50F9828A5BE9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.2.4.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "426C901C-0C18-4DA6-8A9E-C7530CABCF2F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.4.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0B3BB42-4CC3-4463-985E-7728C2F1CE2D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.4.3.ce:*:*:*:*:*:*:*",
                     matchCriteriaId: "00C20AD9-19A8-42AB-B46D-7A74FF3502B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.0.3.ce:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F450B67-0C12-42AC-BAB9-5CB680F6C3F9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.4.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "A59E9CE1-88BE-4BEC-A578-8B5C41560EE6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5.ce:*:*:*:*:*:*:*",
                     matchCriteriaId: "037143C6-8C0E-4EAD-B4D9-1DEECF67D7A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.4.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDA4B2C-7770-4689-8C1C-8645AD6C8916",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.4.3.ce:*:*:*:*:*:*:*",
                     matchCriteriaId: "36A18333-0858-41AE-B856-AAE4D8C97F23",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.0.4.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7EBC2F-31AF-4353-976F-E82FCDB89E98",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FE2DAAB-D5EB-4D14-916A-732F4CDF4226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3.base:*:*:*:*:*:*:*",
                     matchCriteriaId: "6EEDE502-5A17-4C30-970C-F3867A148C77",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulnerability by sending multiple UDP broadcast packets to the affected device. An exploit could allow the attacker to cause a buffer leak on the affected device, eventually resulting in a DoS condition requiring manual intervention to recover. This vulnerability affects all Cisco IOS XR platforms running 6.3.1, 6.2.3, or earlier releases of Cisco IOS XR Software when at least one IPv4 helper address is configured on an interface of the device. Cisco Bug IDs: CSCvi35625.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la función de reenvío de transmisiones UDP en Cisco IOS XR Software podría permitir que un atacante remoto sin autenticar provoque una denegación de servicio (DoS) en un sistema afectado. La vulnerabilidad se debe a la gestión incorrecta de los paquetes de transmisión UDP que se reenvían a una dirección auxiliar IPv4. Un atacante podría explotar esta vulnerabilidad enviando múltiples paquetes de transmisión UDP a un dispositivo afectado. Un exploit podría permitir que el atacante provoque una fuga del búfer en el dispositivo afectado, lo que resultaría finalmente en una denegación de servicio (DoS) que requeriría una intervención manual para recuperarla. La vulnerabilidad afecta a todas las plataformas Cisco IOS XR que ejecuten las versiones 6.3.1, 6.2.3 o anteriores de Cisco IOS XR Software cuando, al menos, una dirección IPv4 auxiliar está configurada en una interfaz del dispositivo. Cisco Bug IDs: CSCvi35625.",
      },
   ],
   id: "CVE-2018-0241",
   lastModified: "2024-11-21T03:37:47.947",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-04-19T20:29:00.877",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/103929",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040710",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/103929",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040710",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-10-05 14:29
Modified
2024-11-21 03:50
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttp://www.securitytracker.com/id/1041790Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041790Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.0.1
cisco ios_xr 6.0.2
cisco ios_xr 6.1.1
cisco ios_xr 6.1.2
cisco ios_xr 6.1.3
cisco ios_xr 6.1.4
cisco ios_xr 6.2.1
cisco ios_xr 6.2.2
cisco ios_xr 6.2.3
cisco ios_xr 6.4.1
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9BE8485-444F-45E2-BBBB-B69BF322FEB7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F87B6885-A267-439B-AE04-CBD950BEC205",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "52CC4093-80C1-4B0C-82D2-647C625FF42D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "0235F415-F327-4914-8E2A-96334984797D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D093D77E-66E3-4659-820E-F7E03A51A83C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "27A732BF-A723-48EA-AC0F-813CA5A2DB0F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "F517C60E-4580-486E-9A03-82A023755374",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "A29F9DD0-2FA4-463C-BF53-CFE351CB94DE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad Border Gateway Protocol (BGP) de Cisco IOS XR Software podría permitir que un atacante remoto no autenticado provoque una condición de denegación de servicio (DoS). Esta vulnerabilidad se debe a un procesamiento incorrecto de ciertos mensajes de actualización BGP. Un atacante podría explotar esta vulnerabilidad enviando mensajes de actualización BGP que incluyen un atributo específico mal formado para que sea procesado por un sistema afectado. Su explotación con éxito podría permitir que el atacante haga que el proceso BGP se reinicie inesperadamente, resultando en una denegación de servicio (DoS). La implementación de Cisco de BGP acepta el tráfico BGP entrante solo desde peers definidos de forma explícita. Para explotar esta vulnerabilidad, el mensaje de actualización BGP malicioso necesitaría provenir de un peer BGP válido y configurado o, por otro lado, necesitaría ser inyectado por el atacante4 en la red BGP de la víctima en una conexión existente TCP válida a un peer BGP.",
      },
   ],
   id: "CVE-2018-15428",
   lastModified: "2024-11-21T03:50:46.520",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-10-05T14:29:11.543",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1041790",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1041790",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-iosxr-dos",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLUVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLUVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs540-12z20g-sys-a -
cisco ncs540-12z20g-sys-d -
cisco ncs540-24z8q2c-m -
cisco ncs540-24z8q2c-sys -
cisco ncs540-28z4c-sys-a -
cisco ncs540-28z4c-sys-d -
cisco ncs540-acc-sys -
cisco ncs540x-12z16g-sys-a -
cisco ncs540x-12z16g-sys-d -
cisco ncs540x-16z4g8q2c-a -
cisco ncs540x-16z4g8q2c-d -
cisco ncs540x-acc-sys -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
                     versionEndIncluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "908B6BB7-630C-4B3B-94EF-F910D8D2FF8C",
                     versionEndIncluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540-12z20g-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D6DAA03-40D2-4E64-A2D8-2C29F7F5B51F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540-12z20g-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D87B5470-C088-447F-8A53-E07F2A80E9AA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540-24z8q2c-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "760121F2-7128-4C2B-961E-323D8ADE888D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540-24z8q2c-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A24675D-E2B3-4590-8789-45577F84D0B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540-28z4c-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "047309D8-E0FE-4E81-A437-AB7EB5467CA5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540-28z4c-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D84DCABD-B4B0-4045-9232-52CD467BF542",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540-acc-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2EA35DB5-1999-474C-822F-8633907E798D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39300366-9456-469D-82A9-281FDFBA7786",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "479D87C4-928E-4C62-8D1C-26F30E62506B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E975789-90AB-4235-96EA-08D4A6C2C39E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8CDF2D04-55AC-4C99-A85A-5728BF989A06",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs540x-acc-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "117666A3-31D1-4318-BAB4-C5FCF80B9AAB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. This vulnerability exists because certain DHCPv4 messages are improperly validated when they are processed by an affected device. An attacker could exploit this vulnerability by sending a malformed DHCPv4 message to an affected device. A successful exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the dhcpd process. While the dhcpd process is restarting, which may take up to approximately two minutes, DHCPv4 server services are unavailable on the affected device. This could temporarily prevent network access to clients that join the network during that time period. Note: Only the dhcpd process crashes and eventually restarts automatically. The router does not reload.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la función de servidor DHCP versión 4 (DHCPv4) de Cisco IOS XR Software podría permitir a un atacante remoto no autenticado desencadenar un bloqueo del proceso dhcpd, resultando en una condición de denegación de servicio (DoS). Esta vulnerabilidad se presenta porque determinados mensajes DHCPv4 se comprueban inapropiadamente cuando son procesados por un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad enviando un mensaje DHCPv4 malformado a un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar una desreferencia del puntero NULL, resultando en un bloqueo del proceso dhcpd. Mientras el proceso dhcpd se reinicia, lo que puede tardar hasta aproximadamente dos minutos, los servicios del servidor DHCPv4 no están disponibles en el dispositivo afectado. Esto podría impedir temporalmente el acceso a la red a los clientes que se unan a ella durante ese periodo de tiempo. Nota: Sólo el proceso dhcpd se bloquea y finalmente se reinicia automáticamente. El router no se recarga",
      },
   ],
   id: "CVE-2021-34737",
   lastModified: "2024-11-21T06:11:05.107",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "LOW",
               baseScore: 5.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 1.4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:11.963",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dhcp-dos-pjPVReLU",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2024-11-21 05:30
Severity ?
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
psirt@cisco.comhttp://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco firepower_extensible_operating_system *
cisco firepower_extensible_operating_system *
cisco firepower_extensible_operating_system *
cisco fxos 2.4
cisco firepower_4110 -
cisco firepower_4115 -
cisco firepower_4120 -
cisco firepower_4125 -
cisco firepower_4140 -
cisco firepower_4145 -
cisco firepower_4150 -
cisco firepower_9300 -
cisco ios_xr 5.2.5
cisco ncs_6000 -
cisco ios_xr 6.4.2
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco crs -
cisco ios_xr 6.5.3
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540-12z20g-sys-a -
cisco ncs_540-12z20g-sys-d -
cisco ncs_540-24z8q2c-sys -
cisco ncs_540-28z4c-sys-a -
cisco ncs_540-28z4c-sys-d -
cisco ncs_540-acc-sys -
cisco ncs_540x-12z16g-sys-a -
cisco ncs_540x-12z16g-sys-d -
cisco ncs_540x-16z4g8q2c-a -
cisco ncs_540x-16z4g8q2c-d -
cisco ncs_540x-acc-sys -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_560 -
cisco ios_xr 7.0.1
cisco ncs_540l -
cisco nx-os *
cisco nx-os *
cisco mds_9132t -
cisco mds_9148s -
cisco mds_9148t -
cisco mds_9216 -
cisco mds_9216a -
cisco mds_9216i -
cisco mds_9222i -
cisco mds_9506 -
cisco mds_9509 -
cisco mds_9513 -
cisco mds_9706 -
cisco mds_9710 -
cisco mds_9718 -
cisco nx-os *
cisco nexus_1000ve -
cisco nx-os *
cisco nexus_1000v -
cisco nx-os *
cisco nexus_1000v -
cisco nx-os *
cisco nx-os *
cisco nexus_3016 -
cisco nexus_3048 -
cisco nexus_3064 -
cisco nexus_3064-t -
cisco nexus_31108pc-v -
cisco nexus_31108tc-v -
cisco nexus_31128pq -
cisco nexus_3132c-z -
cisco nexus_3132q -
cisco nexus_3132q-v -
cisco nexus_3132q-xl -
cisco nexus_3164q -
cisco nexus_3172 -
cisco nexus_3172pq-xl -
cisco nexus_3172tq -
cisco nexus_3172tq-32t -
cisco nexus_3172tq-xl -
cisco nexus_3232c_ -
cisco nexus_3264c-e -
cisco nexus_3264q -
cisco nexus_3408-s -
cisco nexus_34180yc -
cisco nexus_3432d-s -
cisco nexus_3464c -
cisco nexus_3524 -
cisco nexus_3524-x -
cisco nexus_3524-xl -
cisco nexus_3548 -
cisco nexus_3548-x -
cisco nexus_3548-xl -
cisco nexus_36180yc-r -
cisco nexus_3636c-r -
cisco nexus_9000v -
cisco nexus_92160yc-x -
cisco nexus_92300yc -
cisco nexus_92304qc -
cisco nexus_92348gc-x -
cisco nexus_9236c -
cisco nexus_9272q -
cisco nexus_93108tc-ex -
cisco nexus_93108tc-fx -
cisco nexus_93120tx -
cisco nexus_93128tx -
cisco nexus_93180lc-ex -
cisco nexus_93180yc-ex -
cisco nexus_93180yc-fx -
cisco nexus_93216tc-fx2 -
cisco nexus_93240yc-fx2 -
cisco nexus_9332c -
cisco nexus_9332pq -
cisco nexus_93360yc-fx2 -
cisco nexus_9336c-fx2 -
cisco nexus_9336pq_aci_spine -
cisco nexus_9348gc-fxp -
cisco nexus_9364c -
cisco nexus_9372px -
cisco nexus_9372px-e -
cisco nexus_9372tx -
cisco nexus_9372tx-e -
cisco nexus_9396px -
cisco nexus_9396tx -
cisco nexus_9504 -
cisco nexus_9508 -
cisco nexus_9516 -
cisco nx-os *
cisco nexus_5548p -
cisco nexus_5548up -
cisco nexus_5596t -
cisco nexus_5596up -
cisco nexus_56128p -
cisco nexus_5624q -
cisco nexus_5648q -
cisco nexus_5672up -
cisco nexus_5696q -
cisco nx-os *
cisco nx-os *
cisco nx-os *
cisco nx-os *
cisco nexus_7000 -
cisco nexus_7700 -
cisco nx-os *
cisco nx-os *
cisco nexus_9000v -
cisco nexus_92160yc-x -
cisco nexus_92300yc -
cisco nexus_92304qc -
cisco nexus_92348gc-x -
cisco nexus_9236c -
cisco nexus_9272q -
cisco nexus_93108tc-ex -
cisco nexus_93108tc-fx -
cisco nexus_93120tx -
cisco nexus_93128tx -
cisco nexus_93180lc-ex -
cisco nexus_93180yc-ex -
cisco nexus_93180yc-fx -
cisco nexus_93216tc-fx2 -
cisco nexus_93240yc-fx2 -
cisco nexus_9332c -
cisco nexus_9332pq -
cisco nexus_93360yc-fx2 -
cisco nexus_9336c-fx2 -
cisco nexus_9336pq_aci_spine -
cisco nexus_9348gc-fxp -
cisco nexus_9364c -
cisco nexus_9372px -
cisco nexus_9372px-e -
cisco nexus_9372tx -
cisco nexus_9372tx-e -
cisco nexus_9396px -
cisco nexus_9396tx -
cisco nexus_9504 -
cisco nexus_9508 -
cisco nexus_9516 -
cisco ucs_manager *
cisco ucs_manager *
cisco ucs_6248up -
cisco ucs_6296up -
cisco ucs_6300 -
cisco ucs_6324 -
cisco ucs_64108 -
cisco ucs_6454 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6793CE39-88B6-42DF-A586-43BC656F00DD",
                     versionEndIncluding: "2.3.1.173",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5CD86FB-4B86-470E-A1F8-3F3EBC66F0F3",
                     versionEndExcluding: "2.6.1.187",
                     versionStartIncluding: "2.6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:firepower_extensible_operating_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A19CF844-DCAA-46DD-95FC-1BC200E7DE91",
                     versionEndExcluding: "2.7.1.106",
                     versionStartIncluding: "2.7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:fxos:2.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "35E2BDED-6263-4948-89A3-5D867D52BD48",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A694AD51-9008-4AE6-8240-98B17AB527EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "38AE6DC0-2B03-4D36-9856-42530312CC46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DB2822B-B752-4CD9-A178-934957E306B4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5494B4B-0BB4-48AE-8B0D-04DE649F9313",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3A0C835-6C98-4AB6-89FF-C27117BB6B12",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "395F25CD-FDF5-48D7-A048-A6B4F4779EC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "124CE49C-1C2B-40A5-8F59-7A223766E12F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A83F3D33-0674-4F74-AEA9-BC824D8536F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "784A450D-8DCA-43E5-8044-A9F2363FB006",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92E88ED4-C2AF-407C-A395-3D7806D68758",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871D84C5-71EE-4B82-A48C-A1CC68DA332A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "55812D67-23B2-4EE1-8DEF-B1386551D825",
                     versionEndExcluding: "6.2\\(29\\)",
                     versionStartIncluding: "5.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2516465F-34B9-4E24-B65B-3952DAEF25FD",
                     versionEndExcluding: "8.4\\(1a\\)",
                     versionStartIncluding: "7.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9132t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56426D35-FCFD-406E-9144-2E66C8C86EFC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9148s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D25FA4A8-408B-4E94-B7D9-7DC54B61322F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9148t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "831B6D0F-A975-4CBA-B5BB-0AC4AD718FE8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9216:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A72BDC4-6640-45CC-A128-0CDEE38D3ADC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9216a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "90094569-AA2C-4D35-807F-9551FACE255F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9216i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "306AFBC9-A236-4D03-A1EB-CE7E838D8415",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9222i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "12DB1A25-A7C9-412F-88BC-E89588896395",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9506:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3925D2CF-9D7C-4498-8AF2-45E15D5D009F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9509:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C677D356-86C9-4491-A6CA-5E6306B2BB70",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9513:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "28A3C579-7AAD-41A4-947F-CCB9B09402A5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9706:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5182CB50-4D32-4835-B1A8-817D989F919F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9710:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "36B3B617-7554-4C36-9B41-19AA3BD2F6E9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:mds_9718:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B88879A9-A7F5-41E0-8A38-0E09E3FD27F4",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "33FD38EF-3B47-4739-BF0B-FC50D8520DBC",
                     versionEndExcluding: "5.2\\(1\\)sv5\\(1.3\\)",
                     versionStartIncluding: "5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_1000ve:-:*:*:*:*:vsphere:*:*",
                     matchCriteriaId: "707970E0-8B5F-4C9D-A1C2-6AF4286CFE2F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4832A094-92DB-402F-AF05-34B3A7C7CA0E",
                     versionEndIncluding: "5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:hyper-v:*:*",
                     matchCriteriaId: "69E1B4D2-4200-4C05-9E64-57A18823AF38",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2FE8F16B-D59C-43C7-BECA-3D62B609AB94",
                     versionEndExcluding: "5.2\\(1\\)sv3\\(4.1b\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_1000v:-:*:*:*:*:vsphere:*:*",
                     matchCriteriaId: "30E0EDCF-CF41-4DEA-85E6-C39F49B03F31",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D562562-099B-47D6-8A27-592960AEDB5C",
                     versionEndExcluding: "9.3\\(2\\)",
                     versionStartIncluding: "7.0\\(3\\)f2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBBBECB4-431D-42AE-9A15-E1B8C7186EE2",
                     versionEndExcluding: "7.0\\(3\\)i7\\(8\\)",
                     versionStartIncluding: "7.0\\(3\\)i",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3016:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528ED62B-D739-4E06-AC64-B506FD73BBAB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC2A6C31-438A-4CF5-A3F3-364B1672EB7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76C10D85-88AC-4A79-8866-BED88A0F8DF8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3064-t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "65CB7F6D-A82B-4A31-BFAC-FF4A4B8DF9C1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_31108pc-v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E930332-CDDD-48D5-93BC-C22D693BBFA2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_31108tc-v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BF4B8FE-E134-4491-B5C2-C1CFEB64731B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_31128pq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4226DA0-9371-401C-8247-E6E636A116C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3132c-z:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7664666F-BCE4-4799-AEEA-3A73E6AD33F4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3132q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3DBBFE9-835C-4411-8492-6006E74BAC65",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3132q-v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3293438-3D18-45A2-B093-2C3F65783336",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3132q-xl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8F43B770-D96C-44EA-BC12-9F39FC4317B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3164q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA782EB3-E8E6-4DCF-B39C-B3CBD46E4384",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3172:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7817F4E6-B2DA-4F06-95A4-AF329F594C02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3172pq-xl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BB9DD73-E31D-4921-A6D6-E14E04703588",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3172tq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4532F513-0543-4960-9877-01F23CA7BA1B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3172tq-32t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B43502B-FD53-465A-B60F-6A359C6ACD99",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3172tq-xl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3229124-B097-4AAC-8ACD-2F9C89DCC3AB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3232c_:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D008CA1C-6F5A-40EA-BB12-A9D84D5AF700",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3264c-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "24FBE87B-8A4F-43A8-98A3-4A7D9C630937",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3264q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6ACD09AC-8B28-4ACB-967B-AB3D450BC137",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3408-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7D397349-CCC6-479B-9273-FB1FFF4F34F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_34180yc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC7286A7-780F-4A45-940A-4AD5C9D0F201",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3432d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F7AF8D7-431B-43CE-840F-CC0817D159C0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3464c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DAC204C8-1A5A-4E85-824E-DC9B8F6A802D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAF5AF71-15DF-4151-A1CF-E138A7103FC8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3524-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10F80A72-AD54-4699-B8AE-82715F0B58E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3524-xl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9354B6A2-D7D6-442E-BF4C-FE8A336D9E94",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "088C0323-683A-44F5-8D42-FF6EC85D080E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3548-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74CB4002-7636-4382-B33E-FBA060A13C34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3548-xl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10CEBF73-3EE0-459A-86C5-F8F6243FE27C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_36180yc-r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "95D2C4C3-65CE-4612-A027-AF70CEFC3233",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_3636c-r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57572E4A-78D5-4D1A-938B-F05F01759612",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "80E4C5F7-050A-40D8-B087-5F7597B97EEA",
                     versionEndExcluding: "7.3\\(6\\)n1\\(1\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5548p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5519EA9-1236-4F51-9974-E3FC1B26B5D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5548up:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB0A3B06-8B25-4CD3-AFA9-5F928B1042F4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5596t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1766443C-1C5A-486E-A36F-D3045F364D78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5596up:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC4D4403-F93B-4CC8-B75F-7A5B03FEDD85",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_56128p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ABB6E612-4246-4408-B3F6-B31E771F5ACB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5624q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91B129B2-2B31-4DE0-9F83-CC6E0C8729A0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5648q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3CBD3CD0-B542-4B23-9C9D-061643BE44E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5672up:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A22A2647-A4C0-4681-BBC5-D95ADBAA0457",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_5696q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2BB1A3A-668C-4B0D-8AC2-6B4758B3420B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7D74A33-E46C-4A26-AEFF-A9064415F89E",
                     versionEndExcluding: "6.2\\(24\\)",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA088812-07C5-47BF-9CB1-66D2E4E6D27C",
                     versionEndExcluding: "7.3\\(5\\)d1\\(1\\)",
                     versionStartIncluding: "7.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A8934F95-3C91-4499-ACA3-8C22DA785ED5",
                     versionEndExcluding: "8.2\\(5\\)",
                     versionStartIncluding: "8.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "66360174-9C40-4147-A94C-8007021C55A5",
                     versionEndExcluding: "8.4\\(2\\)",
                     versionStartIncluding: "8.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_7000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "12180BEB-7F21-4FA7-ABD2-E9A8EA7340F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_7700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD7A4B4B-3BB1-4A4D-911E-C4EEF01BBC45",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "97BA8B03-822E-4544-89A0-23608D635DA7",
                     versionEndExcluding: "13.2\\(9b\\)",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:nx-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A415FC0-EC1A-4172-B88E-5AC3BEE291BE",
                     versionEndExcluding: "14.2\\(1j\\)",
                     versionStartIncluding: "14.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0CD9C1F1-8582-4F67-A77D-97CBFECB88B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92160yc-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4283E433-7F8C-4410-B565-471415445811",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92300yc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F80AB6FB-32FD-43D7-A9F1-80FA47696210",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92304qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B2E4C1-2627-4B9D-8E92-4B483F647651",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_92348gc-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "557ED31C-C26A-4FAE-8B14-D06B49F7F08B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9236c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "11411BFD-3F4D-4309-AB35-A3629A360FB0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9272q:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E663DE91-C86D-48DC-B771-FA72A8DF7A7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A90184B3-C82F-4CE5-B2AD-97D5E4690871",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93108tc-fx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4AB89849-6DA4-4C9D-BC3F-EE0E41FD1901",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "07DE6F63-2C7D-415B-8C34-01EC05C062F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F423E45D-A6DD-4305-9C6A-EAB26293E53A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93180lc-ex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E952A96A-0F48-4357-B7DD-1127D8827650",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F70D81F1-8B12-4474-9060-B4934D8A3873",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93180yc-fx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7349D69B-D8FA-4462-AA28-69DD18A652D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93216tc-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1CC5F78-E88B-4B82-9E3E-C73D3A49DE26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93240yc-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91231DC6-2773-4238-8C14-A346F213B5E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9332c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DF88547-BAF4-47B0-9F60-80A30297FCEB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "113772B6-E9D2-4094-9468-3F4E1A87D07D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_93360yc-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C45A38D6-BED6-4FEF-AD87-A1E813695DE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9336c-fx2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1FC2B1F-232E-4754-8076-CC82F3648730",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9336pq_aci_spine:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "785FD17C-F32E-4042-9DDE-A89B3AAE0334",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9348gc-fxp:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C7E3DB-8E1A-47AD-B1C5-61747DC0CFB9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9364c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "63842B25-8C32-4988-BBBD-61E9CB09B4F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372px:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4364ADB9-8162-451D-806A-B98924E6B2CF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372px-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B53BCB42-ED61-4FCF-8068-CB467631C63C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E0371B-FDE2-473C-AA59-47E1269D050F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9372tx-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489D11EC-5A18-4F32-BC7C-AC1FCEC27222",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9396px:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BC5293E-F2B4-46DC-85DA-167EA323FCFD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9396tx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA022E77-6557-4A33-9A3A-D028E2DB669A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9504:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "768BE390-5ED5-48A7-9E80-C4DE8BA979B1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDC2F709-AFBE-48EA-A3A2-DA1134534FB6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nexus_9516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E02DC82-0D26-436F-BA64-73C958932B0A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8BA5E06-2264-4292-93E5-D32A2D81600E",
                     versionEndExcluding: "3.2\\(3m\\)",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:ucs_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C79BC0D-B86C-452B-B6CA-F93E938B707F",
                     versionEndExcluding: "4.0\\(4g\\)",
                     versionStartIncluding: "4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ucs_6248up:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49112D3F-DFAD-4E71-992B-9E0640FA388C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ucs_6296up:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "38A1D8F2-A4A6-4BAC-8326-9F9DE9572FA2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ucs_6300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6BCF41B-A617-4563-8D14-E906411354FB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ucs_6324:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B82093C6-B36D-4E4E-AD7F-8C107646B8D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ucs_64108:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC04D48B-8B2F-45E1-A445-A87E92E790B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ucs_6454:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4FD096B7-6F8E-4E48-9EC4-9A10AA7D9AA0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de Cisco Discovery Protocol para Cisco FXOS Software, Cisco IOS XR Software y Cisco NX-OS Software, podría permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una falta de comprobación cuando el software afectado procesa los mensajes de Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante agotar la memoria del sistema, causando que el dispositivo se recargue. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente).",
      },
   ],
   id: "CVE-2020-3120",
   lastModified: "2024-11-21T05:30:22.057",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-02-05T18:15:11.063",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-fxnxos-iosxr-cdp-dos",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-190",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la implementación de la funcionalidad Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podrían permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualización de BGP que contienen atributos EVPN diseñados. Un atacante podría explotar estas vulnerabilidades mediante el envío de mensajes de actualización de BGP EVPN con atributos malformados para ser procesados ??por un sistema afectado. Una explotación con éxito podría permitir al atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condición DoS. La implementación de Cisco de BGP acepta el tráfico de BGP entrante solo desde peers definidos explícitamente. Para explotar estas vulnerabilidades, el mensaje de actualización de BGP malicioso necesitaría venir desde un peer de BGP válido y configurado, o necesitaría ser inyectado por parte del atacante en la red de BGP de la víctima en una conexión TCP válida y existente a un peer de BGP.",
      },
   ],
   id: "CVE-2019-16022",
   lastModified: "2024-11-21T04:29:56.730",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-26T05:15:16.193",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes&rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routesVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routesVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes&rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). La vulnerabilidad es debido al procesamiento incorrecto de un mensaje de actualización de BGP que contiene atributos EVPN diseñados. Un atacante podría explotar indirectamente la vulnerabilidad mediante el envío de mensajes de actualización de BGP EVPN con un atributo específico malformado hacia un sistema afectado y esperar a que un usuario en el dispositivo despliegue el estado operativo routes’ de EVPN. Si tiene éxito, el atacante podría causar que el proceso BGP se reinicie inesperadamente, resultando en una condición DoS. La implementación de Cisco de BGP acepta el tráfico de BGP entrante solo desde peers definidos explícitamente. Para explotar esta vulnerabilidad, el mensaje de actualización de BGP malicioso necesitaría venir desde un peer de BGP válido y configurado, o necesitaría ser inyectado por parte del atacante en la red de BGP de la víctima en una conexión TCP válida y existente a un peer de BGP.",
      },
   ],
   id: "CVE-2019-16018",
   lastModified: "2024-11-21T04:29:56.110",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: true,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "REQUIRED",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-26T05:15:14.413",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-routes",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2014-07-07 11:01
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.
References
psirt@cisco.comhttp://secunia.com/advisories/58869
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308Vendor Advisory
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=34843Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/68351Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1030525Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58869
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=34843Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/68351Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030525Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000_rsp440_router -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C15E168-11DA-4219-B689-78BC48935263",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A580194-1B06-4D71-B618-345046DBA9C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR en tarjetas de línea Trident en dispositivos ASR 9000 no tiene un static punt policer, lo que permite a atacantes remotos causar una denegación de servicio (consumo de CPU) mediante el envío de muchos paquetes manipulados, también conocido como Bug ID CSCun83985.",
      },
   ],
   id: "CVE-2014-3308",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 6.4,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2014-07-07T11:01:30.227",
   references: [
      {
         source: "psirt@cisco.com",
         url: "http://secunia.com/advisories/58869",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34843",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/68351",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030525",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://secunia.com/advisories/58869",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3308",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34843",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/68351",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030525",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-01-26 05:15
Modified
2024-11-21 04:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000v -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco crs -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco ios_xr 7.0.1
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6000 -
cisco xrv_9000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1BD9FC30-C073-4C63-8468-47DEF12A3875",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la implementación de la funcionalidad Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podrían permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS). Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualización de BGP que contienen atributos EVPN diseñados. Un atacante podría explotar estas vulnerabilidades mediante el envío de mensajes de actualización de BGP EVPN con atributos malformados para ser procesados ??por un sistema afectado. Una explotación con éxito podría permitir al atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condición DoS. La implementación de Cisco de BGP acepta el tráfico de BGP entrante solo desde peers definidos explícitamente. Para explotar estas vulnerabilidades, el mensaje de actualización de BGP malicioso necesitaría venir desde un peer de BGP válido y configurado, o necesitaría ser inyectado por parte del atacante en la red de BGP de la víctima en una conexión TCP válida y existente a un peer de BGP.",
      },
   ],
   id: "CVE-2019-16020",
   lastModified: "2024-11-21T04:29:56.430",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-01-26T05:15:16.053",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFDVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFDVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco ios_xr *
cisco asr_9000 -
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3B5D889-BB78-4A59-9BA8-AE379814DCE1",
                     versionEndExcluding: "6.6.3",
                     versionStartIncluding: "6.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "95A9FD90-38BC-4DDA-AD94-DECD032AF8D9",
                     versionEndExcluding: "6.7.1",
                     versionStartIncluding: "6.7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26088AB3-C36F-4157-941C-8F7F7993457C",
                     versionEndExcluding: "7.0.2",
                     versionStartIncluding: "7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9A70D62-3F36-48FD-B4AC-690C23BCAF8A",
                     versionEndExcluding: "7.1.1",
                     versionStartIncluding: "7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el código de bateo de Capa 2 de Cisco IOS XR Software que se ejecuta en los routers de Servicios de Agregación de la serie Cisco ASR 9000 podría permitir a un atacante adyacente no autenticado causar el reinicio de la tarjeta de línea afectada. Esta vulnerabilidad es debido al manejo incorrecto de determinadas tramas Ethernet que causan un bucle de giro que puede hacer que los procesadores de red no respondan. Un atacante podría explotar esta vulnerabilidad mediante el envío de tipos específicos de tramas Ethernet en el segmento donde están conectadas las tarjetas de línea afectadas. Una explotación con éxito podría permitir al atacante causar el reinicio de la tarjeta de línea afectada",
      },
   ],
   id: "CVE-2021-34713",
   lastModified: "2024-11-21T06:11:01.577",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:10.810",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-npspin-QYpwdhFD",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-11-12 02:15
Modified
2024-11-21 05:19
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QYVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QYVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v v2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "413EC528-53D8-4E5C-9137-84D9F337B420",
                     versionEndExcluding: "6.7.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF281839-E74A-4BCB-ADFA-44D7C47D3B1A",
                     versionEndExcluding: "7.1.2",
                     versionStartIncluding: "7.1.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:v2:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6B6AF64-42FF-4411-85EA-9AE537383CD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network traffic in software switching mode (punted). An attacker could exploit this vulnerability by sending specific streams of Layer 2 or Layer 3 protocol data units (PDUs) to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could make the device unable to process or forward traffic, resulting in a DoS condition. The device would need to be restarted to regain functionality.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la función de procesamiento de paquetes de entrada de Cisco IOS XR Software para Cisco ASR 9000 Series Aggregation Services Routers, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un dispositivo afectado.&#xa0;La vulnerabilidad es debido a una asignación inapropiada de recursos cuando un dispositivo afectado procesa el tráfico de red en modo de switching de software (punteado).&#xa0;Un atacante podría explotar esta vulnerabilidad mediante el envío de secuencias específicas de unidades de datos de protocolo (PDU) de capa 2 o capa 3 hacia un dispositivo afectado.&#xa0;Un explotación con éxito podría causar a un dispositivo afectado quedarse sin recursos de búfer, que podría hacer que el dispositivo se inhabilite para procesar o reenviar el tráfico, resultando en una condición DoS.&#xa0;El dispositivo deberá ser reiniciado para recuperar la funcionalidad",
      },
   ],
   id: "CVE-2020-26070",
   lastModified: "2024-11-21T05:19:10.127",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-11-12T02:15:11.057",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cp-dos-ej8VB9QY",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-404",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-404",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-01-31 20:29
Modified
2024-11-21 03:37
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/102905Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1040315Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/102905Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1040315Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6Patch, Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 5.3.4
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4A82FCC-14D4-4838-BB05-E2D08505ACD2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el subsistema IPv6 de Cisco IOS XR Software Release 5.3.4 para Cisco Aggregation Services Router (ASR) 9000 Series podría permitir que un atacante remoto no autenticado desencadene la recarga de una o más tarjetas de línea Trident, lo que resulta en una condición de denegación de servicio (DoS). La vulnerabilidad se debe a la manipulación incorrecta de paquetes IPv6 con una extensión de cabecera de fragmento. Un atacante podría explotar esta vulnerabilidad enviando paquetes IPv6 diseñados para provocar este problema en o a través de la tarjeta de línea Trident. Un exploit con éxito podría permitir que el atacante desencadene la recarga de las tarjetas de línea Trident, lo que resulta en un DoS durante el período de tiempo que la tarjeta necesita para reiniciarse. Esta vulnerabilidad afecta a Cisco Aggregation Services Router (ASR) 9000 Series cuando se cumplen las siguientes condiciones: el router ejecuta Cisco IOS XR Software Release 5.3.4 y tiene instaladas tarjetas de línea Trident con IPv6 configurado. Se ha puesto en disposición de los usuarios una actuación del mantenimiento de software (SMU) que aborda esta vulnerabilidad. La solución también se ha incorporado en service pack 7 para Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.",
      },
   ],
   id: "CVE-2018-0136",
   lastModified: "2024-11-21T03:37:35.470",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-01-31T20:29:00.663",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/102905",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040315",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/102905",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1040315",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180131-ipv6",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-Other",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-02-05 18:15
Modified
2025-02-24 15:35
Severity ?
8.8 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
References
psirt@cisco.comhttp://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rceVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rceVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco ios_xr 6.5.3
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540-12z20g-sys-a -
cisco ncs_540-12z20g-sys-d -
cisco ncs_540-24z8q2c-sys -
cisco ncs_540-28z4c-sys-a -
cisco ncs_540-28z4c-sys-d -
cisco ncs_540-acc-sys -
cisco ncs_540x-12z16g-sys-a -
cisco ncs_540x-12z16g-sys-d -
cisco ncs_540x-16z4g8q2c-a -
cisco ncs_540x-16z4g8q2c-d -
cisco ncs_540x-acc-sys -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco xrv_9000 -
cisco ios_xr 5.2.5
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr 6.4.2
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco crs-x -
cisco ios_xr 6.6.25
cisco ncs_560 -
cisco ios_xr 7.0.1
cisco ncs_540l -


To clipboard 

{
   cisaActionDue: "2022-05-03",
   cisaExploitAdd: "2021-11-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Cisco IOS XR Software Discovery Protocol Format String Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "024D2B99-34D5-48B0-AFD6-114200D154E5",
                     versionEndExcluding: "6.6.12",
                     versionStartIncluding: "6.6.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "00AFC058-2750-4A6F-B321-DF159214FCA5",
                     versionEndExcluding: "7.0.2",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5494B4B-0BB4-48AE-8B0D-04DE649F9313",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3A0C835-6C98-4AB6-89FF-C27117BB6B12",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "395F25CD-FDF5-48D7-A048-A6B4F4779EC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFB1323A-C472-4EA1-A969-1D1C10AB0CE8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "124CE49C-1C2B-40A5-8F59-7A223766E12F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A83F3D33-0674-4F74-AEA9-BC824D8536F5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "784A450D-8DCA-43E5-8044-A9F2363FB006",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "92E88ED4-C2AF-407C-A395-3D7806D68758",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871D84C5-71EE-4B82-A48C-A1CC68DA332A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B529456-23DB-4917-A316-4CFC6AEC9964",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "A0B5C0F4-1BEC-4B54-ABF0-948CFF80E5E0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62F5E007-0CB6-424C-9AE8-01618C8C44E0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de Cisco Discovery Protocol para Cisco IOS XR Software, podría permitir a un atacante adyacente no autenticado ejecutar código arbitrario o causar una recarga sobre un dispositivo afectado. La vulnerabilidad es debido a la comprobación inapropiada de la entrada de cadena de determinados campos en los mensajes de Cisco Discovery Protocol. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete malicioso de Cisco Discovery Protocol hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante causar un desbordamiento del búfer de la pila, lo que podría permitir al atacante ejecutar código arbitrario con privilegios administrativos sobre un dispositivo afectado. Cisco Discovery Protocol es un protocolo de Capa 2. Para explotar esta vulnerabilidad, un atacante debe encontrarse en el mismo dominio de difusión que el dispositivo afectado (Capa 2 adyacente).",
      },
   ],
   id: "CVE-2020-3118",
   lastModified: "2025-02-24T15:35:44.490",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 8.3,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-02-05T18:15:10.907",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156203/Cisco-Discovery-Protocol-CDP-Remote-Device-Takeover.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200205-iosxr-cdp-rce",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-134",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-03-26 10:59
Modified
2025-04-12 10:46
Severity ?
Summary
The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=38006Vendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1031970
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=38006Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1031970
Impacted products
Vendor Product Version
cisco ios_xr 5.2.2
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB5452CA-E4DF-49FD-A677-3F6257F14707",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.",
      },
      {
         lang: "es",
         value: "El servidor DHCPv4 en Cisco IOS XR 5.2.2 en los dispositivos ASR 9000 permite a atacantes remotos causar una denegación de servicio (interrupción de servicio) a través de una inundación de paquetes DHCP manipulados, también conocido como Bug ID CSCup67822.",
      },
   ],
   id: "CVE-2015-0672",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2015-03-26T10:59:15.740",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38006",
      },
      {
         source: "psirt@cisco.com",
         url: "http://www.securitytracker.com/id/1031970",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=38006",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id/1031970",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2025-01-27 19:23
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/101039Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1039449Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-natVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101039Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039449Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-natVendor Advisory
Impacted products
Vendor Product Version
cisco ios *
cisco 1100-4g\/6g_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4gltegb_integrated_services_router -
cisco 1100-4gltena_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100-lte_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1100_terminal_services_gateways -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 1801_integrated_service_router -
cisco 1802_integrated_service_router -
cisco 1803_integrated_service_router -
cisco 1811_integrated_service_router -
cisco 1812_integrated_service_router -
cisco 1841_integrated_service_router -
cisco 1861_integrated_service_router -
cisco 1905_integrated_services_router -
cisco 1906c_integrated_services_router -
cisco 1921_integrated_services_router -
cisco 1941_integrated_services_router -
cisco 1941w_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8208 -
cisco 8212 -
cisco 8218 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1002_fixed_router -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3650 -
cisco catalyst_3650-12x48fd-e -
cisco catalyst_3650-12x48fd-l -
cisco catalyst_3650-12x48fd-s -
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48uq-e -
cisco catalyst_3650-12x48uq-l -
cisco catalyst_3650-12x48uq-s -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48ur-e -
cisco catalyst_3650-12x48ur-l -
cisco catalyst_3650-12x48ur-s -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-12x48uz-e -
cisco catalyst_3650-12x48uz-l -
cisco catalyst_3650-12x48uz-s -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pd-e -
cisco catalyst_3650-24pd-l -
cisco catalyst_3650-24pd-s -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-24pdm-e -
cisco catalyst_3650-24pdm-l -
cisco catalyst_3650-24pdm-s -
cisco catalyst_3650-24ps-e -
cisco catalyst_3650-24ps-l -
cisco catalyst_3650-24ps-s -
cisco catalyst_3650-24td-e -
cisco catalyst_3650-24td-l -
cisco catalyst_3650-24td-s -
cisco catalyst_3650-24ts-e -
cisco catalyst_3650-24ts-l -
cisco catalyst_3650-24ts-s -
cisco catalyst_3650-48fd-e -
cisco catalyst_3650-48fd-l -
cisco catalyst_3650-48fd-s -
cisco catalyst_3650-48fq -
cisco catalyst_3650-48fq-e -
cisco catalyst_3650-48fq-l -
cisco catalyst_3650-48fq-s -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-48fqm-e -
cisco catalyst_3650-48fqm-l -
cisco catalyst_3650-48fqm-s -
cisco catalyst_3650-48fs-e -
cisco catalyst_3650-48fs-l -
cisco catalyst_3650-48fs-s -
cisco catalyst_3650-48pd-e -
cisco catalyst_3650-48pd-l -
cisco catalyst_3650-48pd-s -
cisco catalyst_3650-48pq-e -
cisco catalyst_3650-48pq-l -
cisco catalyst_3650-48pq-s -
cisco catalyst_3650-48ps-e -
cisco catalyst_3650-48ps-l -
cisco catalyst_3650-48ps-s -
cisco catalyst_3650-48td-e -
cisco catalyst_3650-48td-l -
cisco catalyst_3650-48td-s -
cisco catalyst_3650-48tq-e -
cisco catalyst_3650-48tq-l -
cisco catalyst_3650-48tq-s -
cisco catalyst_3650-48ts-e -
cisco catalyst_3650-48ts-l -
cisco catalyst_3650-48ts-s -
cisco catalyst_3650-8x24pd-e -
cisco catalyst_3650-8x24pd-l -
cisco catalyst_3650-8x24pd-s -
cisco catalyst_3650-8x24uq -
cisco catalyst_3650-8x24uq-e -
cisco catalyst_3650-8x24uq-l -
cisco catalyst_3650-8x24uq-s -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8300-1n1s-4t2x -
cisco catalyst_8300-1n1s-6t -
cisco catalyst_8300-2n2s-4t2x -
cisco catalyst_8300-2n2s-6t -
cisco catalyst_8500 -
cisco catalyst_8500-4qc -
cisco catalyst_8500l -
cisco catalyst_8510csr -
cisco catalyst_8510msr -
cisco catalyst_8540csr -
cisco catalyst_8540msr -
cisco catalyst_9200 -
cisco catalyst_9200cx -
cisco catalyst_9200l -
cisco catalyst_9300 -
cisco catalyst_9300-24p-a -
cisco catalyst_9300-24p-e -
cisco catalyst_9300-24s-a -
cisco catalyst_9300-24s-e -
cisco catalyst_9300-24t-a -
cisco catalyst_9300-24t-e -
cisco catalyst_9300-24u-a -
cisco catalyst_9300-24u-e -
cisco catalyst_9300-24ux-a -
cisco catalyst_9300-24ux-e -
cisco catalyst_9300-48p-a -
cisco catalyst_9300-48p-e -
cisco catalyst_9300-48s-a -
cisco catalyst_9300-48s-e -
cisco catalyst_9300-48t-a -
cisco catalyst_9300-48t-e -
cisco catalyst_9300-48u-a -
cisco catalyst_9300-48u-e -
cisco catalyst_9300-48un-a -
cisco catalyst_9300-48un-e -
cisco catalyst_9300-48uxm-a -
cisco catalyst_9300-48uxm-e -
cisco catalyst_9300l -
cisco catalyst_9300l-24p-4g-a -
cisco catalyst_9300l-24p-4g-e -
cisco catalyst_9300l-24p-4x-a -
cisco catalyst_9300l-24p-4x-e -
cisco catalyst_9300l-24t-4g-a -
cisco catalyst_9300l-24t-4g-e -
cisco catalyst_9300l-24t-4x-a -
cisco catalyst_9300l-24t-4x-e -
cisco catalyst_9300l-48p-4g-a -
cisco catalyst_9300l-48p-4g-e -
cisco catalyst_9300l-48p-4x-a -
cisco catalyst_9300l-48p-4x-e -
cisco catalyst_9300l-48t-4g-a -
cisco catalyst_9300l-48t-4g-e -
cisco catalyst_9300l-48t-4x-a -
cisco catalyst_9300l-48t-4x-e -
cisco catalyst_9300l_stack -
cisco catalyst_9300lm -
cisco catalyst_9300x -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9600_supervisor_engine-1 -
cisco catalyst_9600x -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-40_wireless_controller -
cisco catalyst_9800-80 -
cisco catalyst_9800-80_wireless_controller -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_9800-l-c -
cisco catalyst_9800-l-f -
cisco catalyst_9800_embedded_wireless_controller -
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300_rugged_switch -


To clipboard 

{
   cisaActionDue: "2022-03-24",
   cisaExploitAdd: "2022-03-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3AE09220-EF68-4DFE-AA9C-E4F5508EDF3D",
                     versionEndIncluding: "15.6",
                     versionStartIncluding: "12.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g\\/6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6F668B9-2C1D-4306-8286-35E67D0F67C7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100_terminal_services_gateways:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9A4ED65-7DED-4EAD-BF37-FCA71E807CA1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D5E48D7-2266-4649-90A9-62C476AFE6DE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99581637-E184-4A02-8313-57C7C31E5479",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C6D4A90-31B9-4B6C-ADAC-44C49DB44115",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3AF3F75-0BD8-4AA6-B696-3624BEE86681",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C58CEA6-69F8-4021-98C9-4676C70AB167",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF156D97-7C39-49CF-9938-D9681066FF05",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "459FEB4E-54E3-4FE5-82A5-6E4ECE855DD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1905_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871AC0F6-5C01-43A1-8436-7885439BD81F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1DEFFA8-11A6-43CC-A886-DD38EFF22ACB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2147DBF8-B733-4F76-90C5-9D94F1E93625",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F42D5B4-BB07-4C9C-852F-0D839E9F2AA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9222CA59-F4FD-478D-83C9-566B389140B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A34DAD43-0C95-4830-8078-EFE3E6C0A930",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "46F5CBF0-7F55-44C0-B321-896BDBA22679",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D381E343-416F-42AF-A780-D330954F238F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2C3816C-95F4-443C-9C79-72F0251528F4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "542244A0-300C-4630-812A-BF45F61E38DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91209C16-A620-44A0-9134-8AA456343F29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "917B52DF-4210-4DD6-97EF-8A033497A954",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7C321E-F083-4AB6-96A0-D6358980441E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33208B25-0CBB-4E31-A892-60B7B5625155",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "444F688F-79D0-4F22-B530-7BD520080B8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51F2A755-556C-4C5E-8622-96D124319AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002_fixed_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EAE214D-8DD8-4DA3-872A-609E7CE6E606",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7428E0A8-1641-47FB-9CA9-34311DEF660D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "854D9594-FE84-4E7B-BA21-A3287F2DC302",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C81CC6E3-B989-4730-820E-46734E3E608D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E673A75F-EFF8-4591-8E0F-A21083563DBA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "515CD97F-DDBD-4F75-A6DB-646890A30B32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E181FC9-6790-4C12-874F-67252B6879BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE063AF2-5579-4D7E-8829-9102FC7CB994",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4A46-10D3-48F8-9E92-377ACA447257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBE110B5-CC6E-4103-9983-4195BCC28165",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B97DDC45-ABD1-4C8F-A249-0865345637A4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FE4D129-435B-45DD-838D-4017BD94DF93",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "456C68A8-F3C8-4302-B55A-134979B42045",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C6733C-F77B-4688-B051-C1557F4D8D41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BD45D77-4097-4AFB-98DF-5B8188316C20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31608C12-FBED-4EAD-96EC-48BC4B356B77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D989205A-0576-415C-935E-E83AD42FD1CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C3EB40-574A-48F7-A679-90F62ED976B5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6CC6206-DF19-4636-84C2-8912E443D122",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85489F69-EAF0-4971-8C93-36838A8AA00E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA179D79-07E7-4721-85BB-0C740B516B1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "592F67D5-344B-49AF-A277-1089A40AC2FD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7434059A-25B8-4FAC-A756-6E571348B76E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB2A5355-BF40-437C-8683-A7A81DEE362C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43F4B90E-3499-45D4-864D-18505E2149F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "858FEECF-CC69-4E68-8E8A-674643021964",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE5FCCFF-E491-474F-9B86-AB51D8244582",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B39F250E-6A89-4537-BD31-1FB81734A9A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8904EAF5-25E7-4A6B-8117-1859F913B83B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A369CD35-1242-4556-A83D-BD69CC149CFA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "784A1499-1F33-493D-B433-EB2550C03C19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "59A990D6-B748-4AFD-B924-1D19680BD3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF3818CC-8653-4A9E-A57B-950A15914D6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F331F13-5D05-4213-B442-D48D8E22287B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA32EA3F-946D-430D-B00F-939D828DD72C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D239A09C-34D2-4418-B538-03A1080B8479",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C84561E-DD99-4433-9EF2-083F7C300123",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39CD9189-6524-4157-B90E-FF6A81DE3599",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "96269625-CB31-4850-872B-B2C1321B13B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "426B68A6-3A41-43DB-846F-AEFBA62E221B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C680534-C663-40B0-A4AA-7F292EE60FE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A528EC0-4650-4787-BE52-A588E7E38A31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "53898E96-03D6-43A2-AE05-46C62464BD26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9FA66D9-E465-406E-A95C-608A1BE34D74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1456B204-A2A5-4790-A684-7F50D692EC9F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CD10664-94D0-48C0-92EF-E8EA66841245",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E988448-36C9-47E0-9356-DA400EB824E3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D067EF9-00DB-4979-B12E-55749059A083",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9FA300A-44B1-44EE-8111-C1296EB0B638",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D28306B1-3DDE-4444-9784-522B3D2163EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9257D187-1F2D-40F4-8C87-78978DB56C3F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "25AE251E-E99F-4546-85B0-C57834B040B7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C62FFCB9-4253-459B-9298-C252DA9177DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "005F5347-A5E6-4954-ACAB-E4DF29119724",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "882B8D8F-E154-45C3-BB47-5353167C9776",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E87F823-D924-4718-AD81-248A6C619531",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E45BCCD0-65BB-431F-B448-221C1595CD92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F33BA722-0680-4074-8D03-41657F8CDCC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "295C46B4-5E9F-4DD8-861B-00BA43923306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F840171D-CA1C-4E25-BD41-6B871C47BB84",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B240B20-CF48-4A72-9653-9D04D59C1391",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74CCD143-3D6E-4880-B275-ECF5B04238C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D58FF034-8E07-4518-A858-5F16F22217E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "376AD386-373D-4B24-966F-D11F76C9020F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0C1174-C789-4547-9899-F7FCD0905F92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC366801-655A-403B-ACD9-3BB43802A3C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47E4D5A8-7E4A-44C5-81DC-84712781206D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B13D6D50-D0FA-4527-BED3-52560DDD5253",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "965BF315-D833-4711-97FC-512151113367",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04072C0F-78A2-4D10-87B2-52DC2537BA89",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD262F58-C47F-439E-A9FF-D1C60120D306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE9EABE0-5FB0-4277-A389-87732E750B7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E7E8914-7B25-4097-8B22-6928C1F03D5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B207857B-C483-47DF-9FC7-6A05B866BF60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD26746A-80D1-4C48-BF77-E9F7EEEF7EA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDB16CCE-1E89-4707-86C1-97F2FB5B62B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1DBA393-232D-40E6-9CDB-DF82D2E7A5B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04AB61E9-0148-495E-BD21-64D52DE60A6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85D2C587-E95B-4E74-88CF-5930072258D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3D1BB0B-0EFE-4C6D-A18E-3E48ABA01F00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74270062-2030-45A0-9C93-C1F3B7C88E8B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F403859-F034-4DD9-9CA5-708EADECB380",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0972076B-5C87-44B3-90EC-4C200B89318A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74AED057-2458-4DE0-8D51-ABD766D07F68",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19538C03-5FB8-4401-8B21-489C629D7E7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B26D7061-F471-4DF0-A892-ED132958B84A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "033ED443-80E7-4012-9825-07AAC0D44B96",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD3F3CC6-A349-47B1-B282-B6458683C191",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "21AFDC0D-7629-424E-827B-C8A8767324C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A263CFF2-A659-405B-90EA-51E49B25C6D3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CEFBD449-217D-4569-99F7-D56B853A3E07",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7ED668FC-D1A5-4175-A234-23760BA6E788",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D650C48-9241-42F7-87A9-20733329489A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "82D345E7-8208-41AC-B11A-4425D29E98A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E386D461-F1C1-4970-B056-D6119E74D449",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "226F985C-4669-4D0A-9DB4-CB1465B37B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B736A43-6F4E-40A9-84E4-D9E251489234",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E99CA124-7D86-463B-A31E-A7836B7493E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E014B028-8DD9-428C-B705-8F428F145932",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5306E847-C718-4C83-9C97-8AB498DC4A88",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "18287CEF-B574-4498-A256-567CA6E6CA7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5713043E-2535-4540-B3EF-41FAC40BECE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67701D77-8B03-446A-AE22-4B8CCCD6F029",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "831A2390-7170-4FC0-A95E-3DAB1791017D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "493989DC-8F1B-45C9-AD11-38B97B958C9C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F168FB20-0C44-4A5B-910A-04B9517545C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "176ACF88-6112-4179-8492-50C50577B300",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D07FC868-0B38-4F24-BA40-87966FF80AB7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600_supervisor_engine-1:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EA59279-3504-417D-9E86-E5886EE198BD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E283C34-43AE-49A5-A72B-32DEA185ABD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B0E620C-8E09-4F7C-A326-26013173B993",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ADB3AF13-5324-42CD-8EDB-6F730BF46214",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E9EA95F-4E39-4D9C-8A84-D1F6014A4A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l-f:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA0BC769-C244-41BD-BE80-E67F4E1CDDA4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800_embedded_wireless_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78706517-83F4-4D44-A6EC-B78ADCEABAC0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "86879AC0-890E-42F4-9561-6851F38FE0AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper translation of H.323 messages that use the Registration, Admission, and Status (RAS) protocol and are sent to an affected device via IPv4 packets. An attacker could exploit this vulnerability by sending a crafted H.323 RAS packet through an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to use an application layer gateway with NAT (NAT ALG) for H.323 RAS messages. By default, a NAT ALG is enabled for H.323 RAS messages. Cisco Bug IDs: CSCvc57217.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad NAT (Network Address Translation) en Cisco IOS desde la versión 12.4 hasta la 15.6 podría permitir que un atacante remoto sin autenticar provoque una denegación de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe a una traducción incorrecta de los mensajes H.323. que utiliza el protocolo RAS (Registration, Admission and Status) y a que se envían al dispositivo afectado mediante paquetes IPv4. Un atacante podría explotar esta vulnerabilidad enviando un paquete H.323 RAS manipulado mediante el dispositivo afectado. Si se explota con éxito, podría permitir que el atacante provoque que el dispositivo afectado deje de ejecutarse de manera inesperada y que se reinicie, provocando una denegación de servicio. Esta vulnerabilidad afecta a los dispositivos Cisco que están configurados para usar una puerta de enlace a nivel de aplicación con NAT (NAT ALG) para mensajes H.3323 RAS. Por defecto, NAT ALG está habilitado para mensajes H.323 RAS. Cisco Bug IDs: CSCvc57217.",
      },
   ],
   id: "CVE-2017-12231",
   lastModified: "2025-01-27T19:23:23.143",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-09-29T01:34:48.747",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/101039",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1039449",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/101039",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1039449",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-nat",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2024-11-21 04:29
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000 -
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco carrier_routing_system -
cisco ios_xrv_9000 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_6000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5500 -
cisco ncs_560 -
cisco ios_xr 7.0.1
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xrv_9000 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5500 -
cisco ncs_560 -
cisco ncs_6000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A15B6B59-E90B-43A8-B4E7-3718FE6990AE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "9FF5102C-3163-48F1-8D44-352D6715288D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "7FA1F27F-3265-482D-AD31-BCB300419526",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "6D1A5E2E-1CF6-4E3D-A474-9AA26758E574",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "3AE8FA9B-C71B-42AE-94B2-580F505BC17F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:carrier_routing_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58042C12-8C73-4FD2-B9D5-BD895C442C50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la implementación de la funcionalidad de Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podrían permitir a un atacante no autenticado remoto causar una condición de denegación de servicio (DoS).&#xa0;Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualización de BGP que contienen atributos EVPN diseñados.&#xa0;Un atacante podría explotar estas vulnerabilidades mediante el envío de mensajes de actualización de BGP EVPN con atributos malformados para que sean procesados por un sistema afectado.&#xa0;Una explotación con éxito podría permitir a un atacante causar que el proceso BGP se reiniciara inesperadamente, resultando en una condición DoS.&#xa0;La implementación de Cisco de BGP acepta tráfico BGP entrante solo de peers definidos explícitamente.&#xa0;Para explotar estas vulnerabilidades, el mensaje de actualización de BGP malicioso debería provenir de un peer BGP válido configurado, o necesitaría ser inyectado por el atacante en la red BGP de la víctima en una conexión TCP válida existente a un peer BGP",
      },
   ],
   id: "CVE-2019-16023",
   lastModified: "2024-11-21T04:29:56.880",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-23T01:15:14.037",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2015-04-17 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxrVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/74162Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1032139Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxrVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/74162Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032139Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr 4.3.0
cisco ios_xr 4.3.1
cisco ios_xr 4.3.2
cisco ios_xr 4.3.3
cisco ios_xr 5.1.0
cisco ios_xr 5.1.1
cisco ios_xr 5.1.2
cisco ios_xr 5.2.0
cisco ios_xr 5.2.1
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "074571B4-65EF-451A-89DC-0797F6E4BFEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D909532E-85F5-4201-8BFF-561A21998D97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "73D962D3-563F-4CDE-B51D-224D7995FBC9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "06028637-0F8D-4554-8465-7C70EE3B0944",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9839DC3C-8B8A-49D5-9E50-BB7C4BCE5878",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "12A14B46-0EC9-4FE4-AD28-F0F7861465B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "61C1B066-9DED-46D7-9DF7-AB55DF01B80F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE1DFA18-E6D7-4F1D-8D9B-70323B2983AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "95175A2E-14DB-4730-93EA-2291ED7E0DFC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR 4.3.4 hasta 5.3.0 en los dispositivos ASR 9000, cuando uRPF, PBR, QoS, o un ACL están configurados, no maneja correctamente trafico de la interfaz virtual de grupos puente (BVI), lo que permite a atacantes remotos causar una denegación de servicio (cuelgues de chip y tarjeta y recargas) mediante la provocación del uso de una interfaz BVI para paquetes IPv4, también conocido como Bug ID CSCur62957.",
      },
   ],
   id: "CVE-2015-0695",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2015-04-17T01:59:26.263",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/74162",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032139",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-iosxr",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/74162",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1032139",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-19",
            },
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-09-25 21:15
Modified
2024-11-21 04:23
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privescVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privescVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "89C81A91-832E-46D1-AA24-076D5AC0F5B2",
                     versionEndExcluding: "6.5.3",
                     versionStartIncluding: "5.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "45AAA1E0-9972-4EA3-BF54-BAB06CC02992",
                     versionEndExcluding: "6.6.2",
                     versionStartIncluding: "6.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of arguments passed to a specific VMAN CLI command on an affected device. An attacker who has valid administrator access to an affected device could exploit this vulnerability by including malicious input as the argument of an affected command. A successful exploit could allow the attacker to run arbitrary commands on the underlying operating system with root privileges, which may lead to complete system compromise.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en un comando de la CLI relacionado con el virtualization manager (VMAN) en el Software Cisco IOS XR, para Cisco ASR 9000 Series Aggregation Services Routers, podría permitir a un atacante local autenticado ejecutar comandos arbitrarios en el sistema operativo Linux subyacente con privilegios root. La vulnerabilidad es debido a una comprobación insuficiente de los argumentos pasados ??a un comando específico de la CLI de VMAN en un dispositivo afectado. Un atacante que tenga acceso válido de administrador a un dispositivo afectado podría explotar esta vulnerabilidad mediante la inclusión de entradas maliciosas como argumento de un comando afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con privilegios root, lo que puede conllevar a un compromiso total del sistema.",
      },
   ],
   id: "CVE-2019-12709",
   lastModified: "2024-11-21T04:23:24.713",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.0",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-09-25T21:15:11.873",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-xr-asr9k-privesc",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-06-05 17:29
Modified
2024-11-21 04:37
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/108687Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-sshVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108687Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-sshVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr_firmware 6.1.2.tools
cisco ios_xr_firmware 6.1.3.tools
cisco ios_xr_firmware 6.2.3.tools
cisco ios_xr_firmware 6.4.2.tools
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco crs-1_16-slot_line_card_chassis -
cisco crs-1_16-slot_single-shelf_system -
cisco crs-1_4-slot_single-shelf_system -
cisco crs-1_8-slot_line_card_chassis -
cisco crs-1_8-slot_single-shelf_system -
cisco crs-1_fabric_card_chassis -
cisco crs-1_line_card_chassis_\(dual\) -
cisco crs-1_line_card_chassis_\(multi\) -
cisco crs-1_multishelf_system -
cisco crs-3_16-slot_single-shelf_system -
cisco crs-3_4-slot_single-shelf_system -
cisco crs-3_8-slot_single-shelf_system -
cisco crs-3_multishelf_system -
cisco crs-8\/s-b_crs -
cisco crs-8\/scrs -
cisco crs-x_16-slot_single-shelf_system -
cisco crs-x_multishelf_system -
cisco ncs_6008-8-slot_chassis -
cisco network_convergence_system_5508 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr_firmware:6.1.2.tools:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C7572F0-53A7-49B2-97A5-A9FAC7AFAD3C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr_firmware:6.1.3.tools:*:*:*:*:*:*:*",
                     matchCriteriaId: "36326A0C-80EB-4AC3-8B99-5BCA81F100D2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr_firmware:6.2.3.tools:*:*:*:*:*:*:*",
                     matchCriteriaId: "0004444D-F0B5-4AFC-B02A-515AEBFB8CFA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr_firmware:6.4.2.tools:*:*:*:*:*:*:*",
                     matchCriteriaId: "C67AFE4B-EAF7-457D-8948-11C86FC483C7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_16-slot_line_card_chassis:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A5D5476-202C-476C-BC43-C0A963C99079",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0F7E3D1-B738-4B69-AB38-3A273F454B9A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2039DB3-F6BA-434D-A395-41DF7B641E4D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_8-slot_line_card_chassis:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C078ABAD-0E35-481F-8096-FDD40451A318",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A8A8B9BF-E548-4CD9-AEC0-7030B89C4A32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_fabric_card_chassis:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "941333EC-86D4-43AC-BD9A-D286B2276C95",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(dual\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD07CEAB-98E4-4FEE-BFA4-ADA520F7A61F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(multi\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE33AF1E-5E5C-43A1-B2E3-28E823C47E99",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_multishelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BBA0BE4-ED73-4B8C-BE53-5A2AB76981D0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76F8EEEF-085A-49A5-A50E-24922B300F75",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10698948-E6E0-4C9B-9CB9-3626E4076336",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40EF0D7E-FB4E-433A-A983-34E44E790542",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_multishelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15448B60-0A19-477C-A08A-17578CF7C92C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-8\\/s-b_crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D31F6ED1-B20E-44CA-A74B-9D767EDF045F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-8\\/scrs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BDEC7F0-D4D5-45F0-89A4-49C596318C01",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-x_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16770F6C-539D-4B65-9C52-60F008C283D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-x_multishelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4F47E9F-D7BA-49B9-8070-1BC610B6AE2D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008-8-slot_chassis:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E8AFAF4-4392-4EB5-AA35-68B97B036B62",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:network_convergence_system_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2932D6BF-111E-4B56-9A2E-FDF7C6991097",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames. A successful exploit could result in logging data misrepresentation, user enumeration, or, in certain circumstances, a command authorization bypass. See the Details section for more information.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la función de identificación Secure Shell (SSH) del software IOS XR de Cisco, podría permitir a un atacante remoto identificado iniciar sesión correctamente en un dispositivo afectado usando dos nombres de usuario distintos. La vulnerabilidad es debido a un error lógico que puede ocurrir cuando ciertas secuencias de acciones son procesadas durante un evento de inicio de sesión SSH en el dispositivo afectado. Un atacante podría aprovechar esta vulnerabilidad mediante el inicio de una sesión SSH en el dispositivo con una secuencia específica que presenta los dos nombres de usuario. Una operación con éxtio podría resultar en el registro de datos falsos, enumeración de usuarios o, en ciertas circunstancias, una omisión de la autorización de comandos. Vea la sección de Detalles para más información.",
      },
   ],
   id: "CVE-2019-1842",
   lastModified: "2024-11-21T04:37:30.750",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 4.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.4,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "LOW",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 2.5,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-06-05T17:29:00.430",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/108687",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/108687",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190605-iosxr-ssh",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-285",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-287",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2014-06-14 11:18
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.
References
psirt@cisco.comhttp://secunia.com/advisories/58722Permissions Required
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/68005Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1030400Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58722Permissions Required
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/68005Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030400Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr 4.1.2
cisco ios_xr 4.2.0
cisco ios_xr 4.3.1
cisco ios_xr 5.1.0
cisco ios_xr 5.1.1
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BB49EB2-2D99-4C45-80B7-48299A1EBF30",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB6ABB63-E2D2-42F7-B648-BF6002D1C05E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D909532E-85F5-4201-8BFF-561A21998D97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9839DC3C-8B8A-49D5-9E50-BB7C4BCE5878",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "12A14B46-0EC9-4FE4-AD28-F0F7861465B1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR 4.1.2 hasta 5.1.1 en dispositivos ASR 9000, cuando una tarjeta de línea basado en Trident está utilizada, permite a atacantes remotos causar una denegación de servicio (reinicio de chip NP y tarjeta de línea) a través de paquetes IPv6 malformados, también conocido como Bug ID CSCun71928.",
      },
   ],
   id: "CVE-2014-2176",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2014-06-14T11:18:55.127",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Permissions Required",
         ],
         url: "http://secunia.com/advisories/58722",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/68005",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030400",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Permissions Required",
         ],
         url: "http://secunia.com/advisories/58722",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140611-ipv6",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/68005",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030400",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2025-02-24 15:39
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzMitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfzMitigation, Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.1.4
cisco ios_xr 6.2.3
cisco ios_xr 6.3.3
cisco ios_xr 6.4.2
cisco ios_xr 6.5.3
cisco ios_xr 6.6.2
cisco ios_xr 6.6.3
cisco ios_xr 7.0.2
cisco ios_xr 7.1.2
cisco ios_xr 7.1.15
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6008 -
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_5501 -
cisco ncs_5501 se
cisco ncs_5502 -
cisco ncs_5502 se
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560 -
cisco ncs_6008 -
cisco ios_xr 6.1.4
cisco ios_xr 6.4.2
cisco ios_xr 6.4.3
cisco crs -
cisco crs-1_16-slot_line_card_chassis -
cisco crs-1_16-slot_single-shelf_system -
cisco crs-1_4-slot_single-shelf_system -
cisco crs-1_8-slot_line_card_chassis -
cisco crs-1_8-slot_single-shelf_system -
cisco crs-1_fabric_card_chassis -
cisco crs-1_line_card_chassis_\(dual\) -
cisco crs-1_line_card_chassis_\(multi\) -
cisco crs-1_multishelf_system -
cisco crs-3_16-slot_single-shelf_system -
cisco crs-3_4-slot_single-shelf_system -
cisco crs-3_8-slot_single-shelf_system -
cisco crs-3_multishelf_system -
cisco crs-8\/s-b_crs -
cisco crs-8\/scrs -
cisco crs-x -
cisco crs-x_16-slot_single-shelf_system -
cisco crs-x_multishelf_system -
cisco crs_performance_route_processor -


To clipboard 

{
   cisaActionDue: "2022-05-03",
   cisaExploitAdd: "2021-11-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "370F74EC-829D-4574-BE7D-85700E15C433",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "47F3F8E3-D93B-4BAB-8643-AFBFC36940AA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "86E05C3F-4095-4B9C-8C11-E32567EB14AC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "36944A2B-E4F5-41DE-AC4D-55BFA603BE5E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F70AB37-3C0B-40A8-BC37-5A79DA5F45F6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.1.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B842317-A5DB-4890-948A-DD26B7AE2540",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.1.15:*:*:*:*:*:*:*",
                     matchCriteriaId: "48928FFF-871C-4C07-8352-8C802FAD8F53",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
                     matchCriteriaId: "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
                     matchCriteriaId: "603980FE-9865-4A71-A37C-A90B7F3B72D6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CED75685-A63C-4550-9820-769058BEF572",
                     versionEndExcluding: "6.5.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:se:*:*:*:*:*:*:*",
                     matchCriteriaId: "22FE69B4-DF27-46F1-8037-4B8D1F229C6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:se:*:*:*:*:*:*:*",
                     matchCriteriaId: "603980FE-9865-4A71-A37C-A90B7F3B72D6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.1.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC06F7E7-D67F-4C91-B545-F7EB62858BA5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E67F538A-3E1A-4749-BB8D-4F8043653B6E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.4.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "4132A8AA-008B-49DA-AA5C-EB39CC65A2E9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B051AF4-592A-4201-9DD3-8683C1847A00",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_16-slot_line_card_chassis:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A5D5476-202C-476C-BC43-C0A963C99079",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0F7E3D1-B738-4B69-AB38-3A273F454B9A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2039DB3-F6BA-434D-A395-41DF7B641E4D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_8-slot_line_card_chassis:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C078ABAD-0E35-481F-8096-FDD40451A318",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A8A8B9BF-E548-4CD9-AEC0-7030B89C4A32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_fabric_card_chassis:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "941333EC-86D4-43AC-BD9A-D286B2276C95",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(dual\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD07CEAB-98E4-4FEE-BFA4-ADA520F7A61F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_line_card_chassis_\\(multi\\):-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE33AF1E-5E5C-43A1-B2E3-28E823C47E99",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-1_multishelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BBA0BE4-ED73-4B8C-BE53-5A2AB76981D0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "76F8EEEF-085A-49A5-A50E-24922B300F75",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_4-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "10698948-E6E0-4C9B-9CB9-3626E4076336",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_8-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40EF0D7E-FB4E-433A-A983-34E44E790542",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-3_multishelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "15448B60-0A19-477C-A08A-17578CF7C92C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-8\\/s-b_crs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D31F6ED1-B20E-44CA-A74B-9D767EDF045F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-8\\/scrs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BDEC7F0-D4D5-45F0-89A4-49C596318C01",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62F5E007-0CB6-424C-9AE8-01618C8C44E0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-x_16-slot_single-shelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16770F6C-539D-4B65-9C52-60F008C283D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs-x_multishelf_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4F47E9F-D7BA-49B9-8070-1BC610B6AE2D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:crs_performance_route_processor:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6D383DA-04D7-4789-B7F7-B31FD645BA8F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. Cisco will release software updates that address these vulnerabilities.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la funcionalidad Distance Vector Multicast Routing Protocol (DVMRP) del Cisco IOS XR Software, podrían permitir a un atacante remoto no autenticado bloquear inmediatamente el Internet Group Management Protocol (IGMP) o lo haga consumir la memoria disponible y finalmente bloquearlo.&#xa0;El consumo de memoria puede afectar negativamente a otros procesos que son ejecutados en el dispositivo.&#xa0;Estas vulnerabilidades son debido al manejo incorrecto de paquetes IGMP.&#xa0;Un atacante podría explotar estas vulnerabilidades mediante el envío de un tráfico IGMP diseñado hacia un dispositivo afectado.&#xa0;Una explotación con éxito podría permitir al atacante bloquear inmediatamente el proceso IGMP o causar el agotamiento de la memoria, resultando en que otros procesos se vuelvan inestables.&#xa0;Estos procesos pueden incluir, pero no se limitan a, protocolos de enrutamiento interior y exterior. Cisco emitirá actualizaciones de software que abordan estas vulnerabilidades",
      },
   ],
   id: "CVE-2020-3569",
   lastModified: "2025-02-24T15:39:08.970",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-23T01:15:15.503",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Mitigation",
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mitigation",
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-dvmrp-memexh-dSmpdvfz",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-770",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_4009 -
cisco ncs_4016 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4009:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F40E779D-5865-4E4B-AE2D-CF1860BA19E2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_4016:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC6A867F-E809-4CB5-82DB-2670CB0A6359",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3970EB8-C75E-4610-9772-A7BD0CF4B018",
                     versionEndExcluding: "7.3.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el proceso del servidor SSH de Cisco IOS XR Software podría permitir a un atacante remoto autenticado sobrescribir y leer archivos arbitrario en el dispositivo local. Esta vulnerabilidad es debido a una insuficiente comprobación de entrada de los argumentos suministrados por el usuario para un método específico de transferencia de archivos. Un atacante con privilegios de nivel inferior podría explotar esta vulnerabilidad al especificar parámetros del Protocolo de Copia Segura (SCP) cuando se autentifica en un dispositivo. Una explotación con éxito podría permitir al atacante elevar sus privilegios y recuperar y cargar archivos en un dispositivo al que no debería tener acceso",
      },
   ],
   id: "CVE-2021-34718",
   lastModified: "2024-11-21T06:11:02.320",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "SINGLE",
               availabilityImpact: "NONE",
               baseScore: 8.5,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8,
            impactScore: 9.2,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.2,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 8.1,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 5.2,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:11.103",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-scp-inject-QwZOCv2",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-88",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-88",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2014-10-05 01:55
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000_rsp440_router -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C15E168-11DA-4219-B689-78BC48935263",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A580194-1B06-4D71-B618-345046DBA9C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR en los dispositivos ASR 9000 no utiliza debidamente la compresión para la codificación de los rangos de puertos y los rangos de direcciones, lo que permite a atacantes remotos evadir las restricciones ACL de la tarjeta de línea Typhoon a través de trafico de transito, también conocido como Bug ID CSCup30133.",
      },
   ],
   id: "CVE-2014-3396",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 7.5,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2014-10-05T01:55:13.110",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-264",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2017-09-29 01:34
Modified
2025-01-27 19:02
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/101034Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1039445Broken Link, Third Party Advisory, VDB Entry
psirt@cisco.comhttps://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390Vendor Advisory
psirt@cisco.comhttps://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959Vendor Advisory
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcpVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/101034Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039445Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcpVendor Advisory
Impacted products
Vendor Product Version
cisco ios *
cisco 1000_integrated_services_router -
cisco 1100-4g_integrated_services_router -
cisco 1100-4gltegb_integrated_services_router -
cisco 1100-4gltena_integrated_services_router -
cisco 1100-4p_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1100-8p_integrated_services_router -
cisco 1100-lte_integrated_services_router -
cisco 1100_integrated_services_router -
cisco 1101-4p_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109-2p_integrated_services_router -
cisco 1109-4p_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x-8p_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 1801_integrated_service_router -
cisco 1802_integrated_service_router -
cisco 1803_integrated_service_router -
cisco 1811_integrated_service_router -
cisco 1812_integrated_service_router -
cisco 1841_integrated_service_router -
cisco 1861_integrated_service_router -
cisco 1905_integrated_services_router -
cisco 1906c_integrated_services_router -
cisco 1921_integrated_services_router -
cisco 1941_integrated_services_router -
cisco 1941w_integrated_services_router -
cisco 4000_integrated_services_router -
cisco 422_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8208 -
cisco 8212 -
cisco 8218 -
cisco 8800_12-slot -
cisco 8800_18-slot -
cisco 8800_4-slot -
cisco 8800_8-slot -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -
cisco 8831 -
cisco 9800-40 -
cisco 9800-80 -
cisco 9800-cl -
cisco 9800-l -
cisco asr_1000 -
cisco asr_1000-esp100 -
cisco asr_1000-esp100-x -
cisco asr_1000-esp200-x -
cisco asr_1000-x -
cisco asr_1001 -
cisco asr_1001-hx -
cisco asr_1001-hx_r -
cisco asr_1001-x -
cisco asr_1001-x_r -
cisco asr_1002 -
cisco asr_1002-hx -
cisco asr_1002-hx_r -
cisco asr_1002-x -
cisco asr_1002-x_r -
cisco asr_1004 -
cisco asr_1006 -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_1013 -
cisco asr_1023 -
cisco asr_900 -
cisco asr_9000 -
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_901-12c-f-d -
cisco asr_901-12c-ft-d -
cisco asr_901-4c-f-d -
cisco asr_901-4c-ft-d -
cisco asr_901-6cz-f-a -
cisco asr_901-6cz-f-d -
cisco asr_901-6cz-fs-a -
cisco asr_901-6cz-fs-d -
cisco asr_901-6cz-ft-a -
cisco asr_901-6cz-ft-d -
cisco asr_9010 -
cisco asr_901s-2sg-f-ah -
cisco asr_901s-2sg-f-d -
cisco asr_901s-3sg-f-ah -
cisco asr_901s-3sg-f-d -
cisco asr_901s-4sg-f-d -
cisco asr_902 -
cisco asr_902u -
cisco asr_903 -
cisco asr_907 -
cisco asr_914 -
cisco asr_920-10sz-pd -
cisco asr_920-10sz-pd_r -
cisco asr_920-10sz-pd_router -
cisco asr_920-12cz-a -
cisco asr_920-12cz-a_r -
cisco asr_920-12cz-a_router -
cisco asr_920-12cz-d -
cisco asr_920-12cz-d_r -
cisco asr_920-12cz-d_router -
cisco asr_920-12sz-im -
cisco asr_920-12sz-im_r -
cisco asr_920-12sz-im_router -
cisco asr_920-24sz-im -
cisco asr_920-24sz-im_r -
cisco asr_920-24sz-im_router -
cisco asr_920-24sz-m -
cisco asr_920-24sz-m_r -
cisco asr_920-24sz-m_router -
cisco asr_920-24tz-m -
cisco asr_920-24tz-m_r -
cisco asr_920-24tz-m_router -
cisco asr_920-4sz-a -
cisco asr_920-4sz-a_r -
cisco asr_920-4sz-a_router -
cisco asr_920-4sz-d -
cisco asr_920-4sz-d_r -
cisco asr_920-4sz-d_router -
cisco asr_920u-12sz-im -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -
cisco asr_9922 -
cisco catalyst_3650 -
cisco catalyst_3650-12x48fd-e -
cisco catalyst_3650-12x48fd-l -
cisco catalyst_3650-12x48fd-s -
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48uq-e -
cisco catalyst_3650-12x48uq-l -
cisco catalyst_3650-12x48uq-s -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48ur-e -
cisco catalyst_3650-12x48ur-l -
cisco catalyst_3650-12x48ur-s -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-12x48uz-e -
cisco catalyst_3650-12x48uz-l -
cisco catalyst_3650-12x48uz-s -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pd-e -
cisco catalyst_3650-24pd-l -
cisco catalyst_3650-24pd-s -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-24pdm-e -
cisco catalyst_3650-24pdm-l -
cisco catalyst_3650-24pdm-s -
cisco catalyst_3650-24ps-e -
cisco catalyst_3650-24ps-l -
cisco catalyst_3650-24ps-s -
cisco catalyst_3650-24td-e -
cisco catalyst_3650-24td-l -
cisco catalyst_3650-24td-s -
cisco catalyst_3650-24ts-e -
cisco catalyst_3650-24ts-l -
cisco catalyst_3650-24ts-s -
cisco catalyst_3650-48fd-e -
cisco catalyst_3650-48fd-l -
cisco catalyst_3650-48fd-s -
cisco catalyst_3650-48fq -
cisco catalyst_3650-48fq-e -
cisco catalyst_3650-48fq-l -
cisco catalyst_3650-48fq-s -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-48fqm-e -
cisco catalyst_3650-48fqm-l -
cisco catalyst_3650-48fqm-s -
cisco catalyst_3650-48fs-e -
cisco catalyst_3650-48fs-l -
cisco catalyst_3650-48fs-s -
cisco catalyst_3650-48pd-e -
cisco catalyst_3650-48pd-l -
cisco catalyst_3650-48pd-s -
cisco catalyst_3650-48pq-e -
cisco catalyst_3650-48pq-l -
cisco catalyst_3650-48pq-s -
cisco catalyst_3650-48ps-e -
cisco catalyst_3650-48ps-l -
cisco catalyst_3650-48ps-s -
cisco catalyst_3650-48td-e -
cisco catalyst_3650-48td-l -
cisco catalyst_3650-48td-s -
cisco catalyst_3650-48tq-e -
cisco catalyst_3650-48tq-l -
cisco catalyst_3650-48tq-s -
cisco catalyst_3650-48ts-e -
cisco catalyst_3650-48ts-l -
cisco catalyst_3650-48ts-s -
cisco catalyst_3650-8x24pd-e -
cisco catalyst_3650-8x24pd-l -
cisco catalyst_3650-8x24pd-s -
cisco catalyst_3650-8x24uq -
cisco catalyst_3650-8x24uq-e -
cisco catalyst_3650-8x24uq-l -
cisco catalyst_3650-8x24uq-s -
cisco catalyst_3850 -
cisco catalyst_3850-12s-e -
cisco catalyst_3850-12s-s -
cisco catalyst_3850-12x48u -
cisco catalyst_3850-12xs-e -
cisco catalyst_3850-12xs-s -
cisco catalyst_3850-16xs-e -
cisco catalyst_3850-16xs-s -
cisco catalyst_3850-24p-e -
cisco catalyst_3850-24p-l -
cisco catalyst_3850-24p-s -
cisco catalyst_3850-24pw-s -
cisco catalyst_3850-24s-e -
cisco catalyst_3850-24s-s -
cisco catalyst_3850-24t-e -
cisco catalyst_3850-24t-l -
cisco catalyst_3850-24t-s -
cisco catalyst_3850-24u -
cisco catalyst_3850-24u-e -
cisco catalyst_3850-24u-l -
cisco catalyst_3850-24u-s -
cisco catalyst_3850-24xs -
cisco catalyst_3850-24xs-e -
cisco catalyst_3850-24xs-s -
cisco catalyst_3850-24xu -
cisco catalyst_3850-24xu-e -
cisco catalyst_3850-24xu-l -
cisco catalyst_3850-24xu-s -
cisco catalyst_3850-32xs-e -
cisco catalyst_3850-32xs-s -
cisco catalyst_3850-48f-e -
cisco catalyst_3850-48f-l -
cisco catalyst_3850-48f-s -
cisco catalyst_3850-48p-e -
cisco catalyst_3850-48p-l -
cisco catalyst_3850-48p-s -
cisco catalyst_3850-48pw-s -
cisco catalyst_3850-48t-e -
cisco catalyst_3850-48t-l -
cisco catalyst_3850-48t-s -
cisco catalyst_3850-48u -
cisco catalyst_3850-48u-e -
cisco catalyst_3850-48u-l -
cisco catalyst_3850-48u-s -
cisco catalyst_3850-48xs -
cisco catalyst_3850-48xs-e -
cisco catalyst_3850-48xs-f-e -
cisco catalyst_3850-48xs-f-s -
cisco catalyst_3850-48xs-s -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -


To clipboard 

{
   cisaActionDue: "2022-03-24",
   cisaExploitAdd: "2022-03-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B29302F-A386-4E69-BD22-59CDF9CB0E21",
                     versionEndIncluding: "15.6",
                     versionStartIncluding: "12.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4856E07-B3C2-4674-9584-866F6AF643B2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4gltegb_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62564BB8-1282-4597-A645-056298BE7CCB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4gltena_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80E9CC47-3D7C-437A-85BE-4BB94C8AF1B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A2D2305B-B69E-4F74-A44E-07B3205CE9F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "26DD41B3-1D1D-44D3-BA8E-5A66AFEE77E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-lte_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EBE4E146-1D77-4F15-AE58-3C1CE5DB62C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1952B64C-4AE0-4CCB-86C5-8D1FF6A12822",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5AAD4397-6DCF-493A-BD61-3A890F6F3AB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3F2F0A8E-97F6-41AC-BE67-4B2D60F9D36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB9229F3-7BCE-46C4-9879-D57B5BAAE44E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5A606FE-E6F1-43F9-B1CD-D9DF35FC3573",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0547E196-5991-4C33-823A-342542E9DFD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D5E48D7-2266-4649-90A9-62C476AFE6DE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "99581637-E184-4A02-8313-57C7C31E5479",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C6D4A90-31B9-4B6C-ADAC-44C49DB44115",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B3AF3F75-0BD8-4AA6-B696-3624BEE86681",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C58CEA6-69F8-4021-98C9-4676C70AB167",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF156D97-7C39-49CF-9938-D9681066FF05",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "459FEB4E-54E3-4FE5-82A5-6E4ECE855DD6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1905_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "871AC0F6-5C01-43A1-8436-7885439BD81F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1906c_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1DEFFA8-11A6-43CC-A886-DD38EFF22ACB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1921_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2147DBF8-B733-4F76-90C5-9D94F1E93625",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1941_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F42D5B4-BB07-4C9C-852F-0D839E9F2AA7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1941w_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9222CA59-F4FD-478D-83C9-566B389140B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE82335E-ECEC-47BD-BC4A-5FDEA08D1A18",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:422_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "03A273EE-41C1-41E9-9002-46F83FC6533F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8208:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A34DAD43-0C95-4830-8078-EFE3E6C0A930",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8212:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "46F5CBF0-7F55-44C0-B321-896BDBA22679",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8218:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D381E343-416F-42AF-A780-D330954F238F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B4318C0-0FD0-46B3-8E23-94EC53A34A20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "16FC6220-78E1-44A6-A596-6368D3EF7CC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DCAEDE0A-E6F9-4727-8DC2-F47579220BE0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800_8-slot:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E289FAD-04F0-4E3A-BC4D-8E5116F01AF0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE2514A1-486C-40F7-8746-56E2B973CBE6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2C3816C-95F4-443C-9C79-72F0251528F4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1810C73-93B8-4EB5-85FC-3585AD5256BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE2BC76E-A166-4E71-B058-F49FF84A9E19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "542244A0-300C-4630-812A-BF45F61E38DD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91209C16-A620-44A0-9134-8AA456343F29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C5C1005-0C12-4EDA-BC4A-B52201C4F516",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp100-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "917B52DF-4210-4DD6-97EF-8A033497A954",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-esp200-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7F413FB-D4F9-4113-9D67-2956BF1DC30D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE2182E7-C813-4966-A36C-E648A9344299",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ED7C321E-F083-4AB6-96A0-D6358980441E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7594E307-AC80-41EC-AE94-07E664A7D701",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "33208B25-0CBB-4E31-A892-60B7B5625155",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "241EEBD9-76E4-4AE6-96B8-1C1ACD834F17",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E4376E56-A21C-4642-A85D-439C8E21CD7F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC03A84F-C8F2-4225-9A00-8FA35368CD57",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "444F688F-79D0-4F22-B530-7BD520080B8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51F2A755-556C-4C5E-8622-96D124319AF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7428E0A8-1641-47FB-9CA9-34311DEF660D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "854D9594-FE84-4E7B-BA21-A3287F2DC302",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C81CC6E3-B989-4730-820E-46734E3E608D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FEF8271-315F-4756-931F-015F790BE693",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6279A69-2F9D-4CD9-9C19-62E701C3C4F9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-12c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A46BB1E3-D813-4C19-81FA-96B8EF3E2F7B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "64E9CCC6-CA54-44C4-9A41-D2CA3A25BE8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-4c-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC4E0CC8-9C67-4EB0-97A1-BAEFC6E9708A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDB1A95C-8513-4CC7-8CDF-012B212FF02F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE761B1C-D749-4E1B-9A4A-7F41D1DF9C8C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97B64B28-7F3F-40BC-B289-0D1DB55B6461",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-fs-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5603296-34B3-4EEB-B242-C44BC56BFBB8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C2A515C-797D-47EE-8051-F3FBE417BCE9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901-6cz-ft-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E673A75F-EFF8-4591-8E0F-A21083563DBA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5456C70-6BA4-456A-BCFA-06FD052E44EF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-2sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "515CD97F-DDBD-4F75-A6DB-646890A30B32",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-ah:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E181FC9-6790-4C12-874F-67252B6879BA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-3sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CAD4F12D-3F97-44D2-9DE2-571425E75F4E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_901s-4sg-f-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB1288DB-5946-4091-A6E8-42E0A0E7B2B9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "70352B04-C3FD-47F5-A2F8-691CF63EB50D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_902u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FE063AF2-5579-4D7E-8829-9102FC7CB994",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "51938C0A-AFDB-4B12-BB64-9C67FC0C738F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_907:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A18E4A46-10D3-48F8-9E92-377ACA447257",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_914:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "67D5E61B-9F17-4C56-A1BB-3EE08CB62C53",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DBE110B5-CC6E-4103-9983-4195BCC28165",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B97DDC45-ABD1-4C8F-A249-0865345637A4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-10sz-pd_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D8A748B-DDA9-4F0B-9AAA-F9A62BBC3DCB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FE4D129-435B-45DD-838D-4017BD94DF93",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "456C68A8-F3C8-4302-B55A-134979B42045",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-a_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F681230-2530-4ED9-85E9-FE7A57FCF2F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "870D5B63-A1D5-442A-B2B9-9E522E5DB08F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17C6733C-F77B-4688-B051-C1557F4D8D41",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12cz-d_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1E3D23C1-FE0E-4D33-9E89-07A4135E1360",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2BD45D77-4097-4AFB-98DF-5B8188316C20",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "489F97AB-5C6D-4AFE-BE5A-ABF7F9ED8B66",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-12sz-im_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E598123-4AF8-44F6-BE87-9F62007FF658",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "064DB97B-9E52-45BC-9F43-8FCB5570FC7D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "31608C12-FBED-4EAD-96EC-48BC4B356B77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-im_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC28F05-20D0-4518-93FF-F254BA81E4B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D989205A-0576-415C-935E-E83AD42FD1CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D21D9A5-DE8F-4C55-B03F-35C04C270A40",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24sz-m_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D2BCA1C7-5642-4A2B-9E61-B141E70E098A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78C3EB40-574A-48F7-A679-90F62ED976B5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6CC6206-DF19-4636-84C2-8912E443D122",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-24tz-m_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C27ED272-FCA6-4002-93E1-EF0B89C84572",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85489F69-EAF0-4971-8C93-36838A8AA00E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE95FEC1-12F3-44FC-B922-CD18CADB42FE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-a_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AAD184DD-8774-4C18-BE53-BC6B133B01C8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D029B0C-2DAE-491A-90B4-79C093EC9E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_r:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE37BC85-7758-4412-A5E6-0F1A19E8776B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920-4sz-d_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "22F587F6-876D-4AE4-B6BD-ED50D47F5361",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA179D79-07E7-4721-85BB-0C740B516B1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "592F67D5-344B-49AF-A277-1089A40AC2FD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7434059A-25B8-4FAC-A756-6E571348B76E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB2A5355-BF40-437C-8683-A7A81DEE362C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43F4B90E-3499-45D4-864D-18505E2149F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "858FEECF-CC69-4E68-8E8A-674643021964",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BE5FCCFF-E491-474F-9B86-AB51D8244582",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B39F250E-6A89-4537-BD31-1FB81734A9A1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8904EAF5-25E7-4A6B-8117-1859F913B83B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A369CD35-1242-4556-A83D-BD69CC149CFA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "784A1499-1F33-493D-B433-EB2550C03C19",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "59A990D6-B748-4AFD-B924-1D19680BD3DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DF3818CC-8653-4A9E-A57B-950A15914D6B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F331F13-5D05-4213-B442-D48D8E22287B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA32EA3F-946D-430D-B00F-939D828DD72C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D239A09C-34D2-4418-B538-03A1080B8479",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C84561E-DD99-4433-9EF2-083F7C300123",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39CD9189-6524-4157-B90E-FF6A81DE3599",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "96269625-CB31-4850-872B-B2C1321B13B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "426B68A6-3A41-43DB-846F-AEFBA62E221B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0C680534-C663-40B0-A4AA-7F292EE60FE2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4A528EC0-4650-4787-BE52-A588E7E38A31",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "53898E96-03D6-43A2-AE05-46C62464BD26",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9FA66D9-E465-406E-A95C-608A1BE34D74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1456B204-A2A5-4790-A684-7F50D692EC9F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CD10664-94D0-48C0-92EF-E8EA66841245",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9E988448-36C9-47E0-9356-DA400EB824E3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9D067EF9-00DB-4979-B12E-55749059A083",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9FA300A-44B1-44EE-8111-C1296EB0B638",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D28306B1-3DDE-4444-9784-522B3D2163EE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9257D187-1F2D-40F4-8C87-78978DB56C3F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "25AE251E-E99F-4546-85B0-C57834B040B7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C62FFCB9-4253-459B-9298-C252DA9177DB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "005F5347-A5E6-4954-ACAB-E4DF29119724",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "882B8D8F-E154-45C3-BB47-5353167C9776",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E87F823-D924-4718-AD81-248A6C619531",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E45BCCD0-65BB-431F-B448-221C1595CD92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F33BA722-0680-4074-8D03-41657F8CDCC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "295C46B4-5E9F-4DD8-861B-00BA43923306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F840171D-CA1C-4E25-BD41-6B871C47BB84",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B240B20-CF48-4A72-9653-9D04D59C1391",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "74CCD143-3D6E-4880-B275-ECF5B04238C6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D58FF034-8E07-4518-A858-5F16F22217E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "376AD386-373D-4B24-966F-D11F76C9020F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0C1174-C789-4547-9899-F7FCD0905F92",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC366801-655A-403B-ACD9-3BB43802A3C5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "47E4D5A8-7E4A-44C5-81DC-84712781206D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B13D6D50-D0FA-4527-BED3-52560DDD5253",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "965BF315-D833-4711-97FC-512151113367",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04072C0F-78A2-4D10-87B2-52DC2537BA89",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD262F58-C47F-439E-A9FF-D1C60120D306",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to a buffer overflow condition in the DHCP relay subsystem of the affected software. An attacker could exploit this vulnerability by sending a crafted DHCP Version 4 (DHCPv4) packet to an affected system. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a DoS condition. Cisco Bug IDs: CSCsm45390, CSCuw77959.",
      },
      {
         lang: "es",
         value: "El subsistema relay DHCP de Cisco IOS desde la versión 12.2 hasta la 15.6 y Cisco IOS XE contiene una vulnerabilidad que podría permitir a un atacante remoto no autenticado ejecutar código arbitrario y obtener el control total del sistema afectado. El atacante podría también hacer que el sistema afectado se reinicie, provocando una denegación de servicio (DoS) en consecuencia. Esta vulnerabilidad se debe a un desbordamiento de búfer en el subsistema relay DHCP del software afectado. Un atacante podría explotar esta vulnerabilidad mediante el envío de un paquete DHCPv4 (DHCP Version 4) al sistema afectado. Una explotación exitosa podría permitir que el atacante ejecute código arbitrario y obtenga el control total del sistema afectado o haga que el sistema afectado se reinicie, provocando una denegación de servicio (DoS) como consecuencia. Cisco Bug IDs: CSCsm45390, CSCuw77959.",
      },
   ],
   id: "CVE-2017-12240",
   lastModified: "2025-01-27T19:02:08.620",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 10,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 9.8,
               baseSeverity: "CRITICAL",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-09-29T01:34:49.077",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/101034",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1039445",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/101034",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1039445",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCsm45390",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://quickview.cloudapps.cisco.com/quickview/bug/CSCuw77959",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170927-dhcp",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Analyzed",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-119",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2014-07-18 00:55
Modified
2025-04-12 10:46
Severity ?
Summary
Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321Vendor Advisory
psirt@cisco.comhttp://tools.cisco.com/security/center/viewAlert.x?alertId=34936Vendor Advisory
psirt@cisco.comhttp://www.securitytracker.com/id/1030597Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/viewAlert.x?alertId=34936Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030597Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr 4.3.0
cisco ios_xr 4.3.1
cisco ios_xr 4.3.2
cisco asr_9000_rsp440_router -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "23014C8E-362A-45AB-9628-B7153E729430",
                     versionEndIncluding: "4.3.4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "074571B4-65EF-451A-89DC-0797F6E4BFEA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "D909532E-85F5-4201-8BFF-561A21998D97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:4.3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "73D962D3-563F-4CDE-B51D-224D7995FBC9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000_rsp440_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A580194-1B06-4D71-B618-345046DBA9C6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.",
      },
      {
         lang: "es",
         value: "Cisco IOS XR 4.3.4 y anteriores en dispositivos ASR 9000, cuando el enrutamiento de 'bridge-group virtual interface' (BVI) está habilitado, permite a atacantes remotos causar una denegación de servicio (cuelgues de chip y tarjeta) a través de una serie de paquetes MPLS manipulados, también conocido como Bug ID CSCuo91149.",
      },
   ],
   id: "CVE-2014-3321",
   lastModified: "2025-04-12T10:46:40.837",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 5.7,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:M/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 5.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2014-07-18T00:55:04.923",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34936",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030597",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3321",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/viewAlert.x?alertId=34936",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1030597",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Deferred",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2021-09-09 05:15
Modified
2024-11-21 06:11
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxcVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xr *
cisco ios_xr *
cisco ios_xrv -
cisco ios_xrv_9000 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_520 -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_6000 -
cisco ncs_6008 -
cisco ios_xr *
cisco ios_xr *
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco ios_xr *
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8804 -
cisco 8808 -
cisco 8812 -
cisco 8818 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F39CC9A-297B-428A-82B4-BA0B83AA85CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5249FE7A-FAAE-42C4-9250-DF4B2009F420",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6008:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "61AF653C-DCD4-4B20-A555-71120F9A5BB9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "94870F6C-0223-463B-A29F-2C9AE7DE7CAD",
                     versionEndExcluding: "7.3.2",
                     versionStartIncluding: "7.1.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "42290FCA-82E3-4D64-801C-F65FF4CAAFBD",
                     versionEndExcluding: "7.4.1",
                     versionStartIncluding: "7.4.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6655851F-58D9-49D9-A56E-8440A7F7BB45",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F5E2AE67-DED3-4414-A194-386ADB2C8DC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3920133A-684D-4A9F-B65A-FF4EAE5052E5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ED06361-5A68-4656-AEA5-240C290594CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.",
      },
      {
         lang: "es",
         value: "Varias vulnerabilidades en la CLI de Cisco IOS XR Software podrían permitir a un atacante local autenticado conseguir acceso al shell root subyacente de un dispositivo afectado y ejecutar comandos arbitrario con privilegios de root. Para conseguir más información sobre estas vulnerabilidades, consulte la sección Details de este aviso",
      },
   ],
   id: "CVE-2021-34722",
   lastModified: "2024-11-21T06:11:02.993",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2021-09-09T05:15:11.770",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cmd-inj-wbZKvPxc",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-78",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2023-03-09 22:15
Modified
2024-11-21 07:40
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5FqVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5FqVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xrv_9000 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ios_xr *
cisco nc57-18dd-se -
cisco nc57-24dd -
cisco nc57-36h-se -
cisco nc57-36h6d-s -
cisco ncs_540 -
cisco ncs_540_fronthaul -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -
cisco ncs_560-4 -
cisco ncs_560-7 -
cisco ncs_57b1-5dse-sys -
cisco ncs_57b1-6d24-sys -
cisco ncs_57c1-48q6-sys -
cisco ncs_57c3-mod-sys -
cisco ncs_57c3-mods-sys -
cisco ios_xr *
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ios_xr *
cisco ncs_6000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A8E6CEEB-0908-4884-A51E-000000DE5E92",
                     versionEndExcluding: "7.9.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "FAE7AE4D-73A6-4179-80DA-2219563928E1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FF7BDEE-8351-4CE3-BEAD-42C8767E0BF8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "A5266F35-6886-4CF1-81DB-25626A0A26A0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "910A1686-5B13-4D37-9C1F-2F0073D57E5F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B25F4932-6940-4934-B110-577417B93948",
                     versionEndExcluding: "7.6.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:nc57-18dd-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98728BD8-C11B-413D-8C8A-052661A608AA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nc57-24dd:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71B61EB0-E121-4899-9504-269CE4E7E3EB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nc57-36h-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6811F99A-F96F-4B26-AF68-DC1A8C3B65E0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:nc57-36h6d-s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "560B88A5-3716-43AB-A094-063293EF6509",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F9C17E4B-1B14-42F2-BCE6-2D5020625382",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "08864A59-0840-4407-8D30-9CE34BAF05E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "13EEDD1C-25BC-4AFA-AF60-66DE36927528",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5CD3B06B-864E-4A35-B0C3-1654390022D2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD1B4F37-5AAA-4F40-8865-226289CB5CEB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "355F78C3-C07F-48C3-9B6E-55714EAA7331",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98F06B5D-6CE8-42C3-8760-89B4EF1FFC21",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3FBC1F6-F523-485A-A466-B6DBA15E6537",
                     versionEndExcluding: "7.7.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3C15E168-11DA-4219-B689-78BC48935263",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.",
      },
   ],
   id: "CVE-2023-20064",
   lastModified: "2024-11-21T07:40:28.087",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "NONE",
               baseScore: 4.6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 3.6,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "PHYSICAL",
               availabilityImpact: "NONE",
               baseScore: 4.6,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 0.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-03-09T22:15:52.277",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-862",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2024-11-21 04:29
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000 -
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco carrier_routing_system -
cisco ios_xrv_9000 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_6000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5500 -
cisco ncs_560 -
cisco ios_xr 7.0.1
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xrv_9000 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5500 -
cisco ncs_560 -
cisco ncs_6000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A15B6B59-E90B-43A8-B4E7-3718FE6990AE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "9FF5102C-3163-48F1-8D44-352D6715288D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "7FA1F27F-3265-482D-AD31-BCB300419526",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "6D1A5E2E-1CF6-4E3D-A474-9AA26758E574",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "3AE8FA9B-C71B-42AE-94B2-580F505BC17F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:carrier_routing_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58042C12-8C73-4FD2-B9D5-BD895C442C50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la implementación de la funcionalidad de Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podrían permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS).&#xa0;Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualización de BGP que contienen atributos EVPN diseñados.&#xa0;Un atacante podría explotar estas vulnerabilidades mediante el envío de mensajes de actualización de BGP EVPN con atributos malformados para que sean procesados por un sistema afectado.&#xa0;Una explotación con éxito podría permitir a un atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condición DoS.&#xa0;La implementación de Cisco de BGP acepta tráfico BGP entrante solo de peers definidos explícitamente.&#xa0;Para explotar estas vulnerabilidades, el mensaje de actualización de BGP malicioso necesitaría provenir de un peer BGP válido configurado, o necesitaría ser inyectado por el atacante en la red BGP de la víctima en una conexión TCP válida existente a un peer BGP",
      },
   ],
   id: "CVE-2019-16021",
   lastModified: "2024-11-21T04:29:56.580",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-23T01:15:13.940",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-05-16 02:29
Modified
2024-11-21 04:37
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/108363Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/108363Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 5.3.3
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:5.3.3:sp10:*:*:*:*:*:*",
                     matchCriteriaId: "29539C29-8282-4C0F-A3A7-B3FD823DDEC0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the incorrect handling of certain MPLS OAM packets. An attacker could exploit this vulnerability by sending malicious MPLS OAM packets to an affected device. A successful exploit could allow the attacker to cause the lspv_server process to crash. The crash could lead to system instability and the inability to process or forward traffic though the device, resulting in a DoS condition that require manual intervention to restore normal operating conditions.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, podría permitir que un atacante adyacente sin autorización active una condición de Denegación de Servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al manejo incorrecto de ciertos paquetes OAM de MPLS. Un atacante podría explotar esta vulnerabilidad enviando paquetes MPLS OAM maliciosos a un dispositivo afectado. Una explotación exito  podría permitir al atacante causar el bloqueo del proceso lspv_server. el bloqueo podría provocar la inestabilidad del sistema y la incapacidad de procesar o reenviar el tráfico por medio del dispositivo, resultando en una condición DoS que requiere de la intervención manual para restablecer las condiciones normales de operación.",
      },
   ],
   id: "CVE-2019-1846",
   lastModified: "2024-11-21T04:37:31.273",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "ADJACENT_NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 6.1,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:A/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 6.5,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "ADJACENT_NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.8,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-05-16T02:29:00.437",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/108363",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/108363",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-asr9k-mpls-dos",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2018-08-15 20:29
Modified
2024-11-21 03:38
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858.
References
psirt@cisco.comhttp://www.securityfocus.com/bid/105185Third Party Advisory, VDB Entry
psirt@cisco.comhttp://www.securitytracker.com/id/1041538Third Party Advisory, VDB Entry
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/105185Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1041538Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7C849A02-E9C9-455A-8F4F-1562169183E2",
                     versionEndIncluding: "6.3.3_base",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected device. A successful exploit could allow the attacker to cause services on the device to become unresponsive, resulting in a DoS condition. Cisco Bug IDs: CSCvj22858.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en el paquete de características Local Packet Transport Services (LPTS) de Cisco ASR 9000 Series Aggregation Services Router Software podría permitir que un atacante remoto no autenticado cree una condición de denegación de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a la falta de comprobaciones de entradas y validación en cierto tráfico entrante PTP (Precision Time Protocol) en un dispositivo afectado. Un atacante podría explotar esta vulnerabilidad inyectando tráfico mal formado en un dispositivo afectado. Si se explota con éxito, podría permitir que el atacante consiga que los servicios del dispositivo se reinicien, provocando una denegación de servicio (DoS). Cisco Bug IDs: CSCvj22858.",
      },
   ],
   id: "CVE-2018-0418",
   lastModified: "2024-11-21T03:38:11.260",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.8,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 6.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2018-08-15T20:29:01.017",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/105185",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1041538",
      },
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/105185",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1041538",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180815-asr-ptp-dos",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2022-04-15 15:15
Modified
2024-11-21 06:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFjVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFjVendor Advisory
Impacted products
Vendor Product Version
cisco ios 17.6.1
cisco 1100-4g_integrated_services_router -
cisco 1100-6g_integrated_services_router -
cisco 1101_integrated_services_router -
cisco 1109_integrated_services_router -
cisco 1111x_integrated_services_router -
cisco 111x_integrated_services_router -
cisco 1120_integrated_services_router -
cisco 1131_integrated_services_router -
cisco 1160_integrated_services_router -
cisco 4221_integrated_services_router -
cisco 8101-32fh -
cisco 8101-32h -
cisco 8102-64h -
cisco 8201 -
cisco 8201-32fh -
cisco 8202 -
cisco 8800 -
cisco asr_1001-x -
cisco asr_1002-hx -
cisco asr_1006-x -
cisco asr_1009-x -
cisco asr_900 -
cisco asr_9000v-v2 -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9902 -
cisco asr_9903 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco catalyst_3650 -
cisco catalyst_3850 -
cisco catalyst_8200 -
cisco catalyst_8300 -
cisco catalyst_8500 -
cisco catalyst_8500l -
cisco catalyst_9200 -
cisco catalyst_9300 -
cisco catalyst_9400 -
cisco catalyst_9500 -
cisco catalyst_9500h -
cisco catalyst_9600 -
cisco catalyst_9800 -
cisco catalyst_9800-40 -
cisco catalyst_9800-80 -
cisco catalyst_9800-cl -
cisco catalyst_9800-l -
cisco catalyst_cg418-e -
cisco catalyst_cg522-e -
cisco catalyst_ess9300 -
cisco catalyst_ie3200 -
cisco catalyst_ie3300 -
cisco catalyst_ie3400 -
cisco catalyst_ie9300 -
cisco cloud_services_router_1000v -
cisco esr3300 -
cisco esr6300 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios:17.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "25FA8E21-9A5D-494C-92BF-42F1F4D2DCAA",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F77CD6A-83DA-4F31-A128-AD6DAECD623B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B68B363-3C57-4E95-8B13-0F9B59D551F7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5EB8A757-7888-4AC2-BE44-B89DB83C6C77",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B80890A8-E3D3-462C-B125-9E9BC6525B02",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0547E196-5991-4C33-823A-342542E9DFD3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "802CBFC1-8A2F-4BF7-A1D3-00622C33BE16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFE0FC1-EEBC-42F0-88B0-4AF5B76DDD97",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3F374DC-B9F7-4515-A064-01BB436CA984",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D916389F-54DB-44CB-91DD-7CE3C7059350",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E055F58F-F9FB-4B27-841E-61ECAB5F42B8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B832863-E366-46ED-BC35-838762F0CE29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:8800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E899BDC3-03A0-4ED7-8C36-7BC247A344A8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "09C913FF-63D5-43FB-8B39-598EF436BA5A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD2794BD-C8CE-46EF-9857-1723FCF04E46",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DE7401B7-094C-46EB-9869-2F0372E8B26B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D8A72FD-D8B0-45B5-8FAD-6D8395BB218A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_900:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EA873342-542E-4FC8-9C22-B5A43F9F3E9D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB91BE23-C710-473F-8E43-0E0DE760F8AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "91474DBC-FB31-4DDF-96C5-311FA1D53A74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FA241214-2F05-4360-9B50-385355E29CF4",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "005F5347-A5E6-4954-ACAB-E4DF29119724",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE9EABE0-5FB0-4277-A389-87732E750B7C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "72BBF8E8-7AD9-46B8-8B02-F0DB1F95E1CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A82CE19-C3C4-4FAD-A1B3-AB91EDB61591",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04AB61E9-0148-495E-BD21-64D52DE60A6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0972076B-5C87-44B3-90EC-4C200B89318A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "737F22AB-C5A9-4A18-BA3D-38A222491397",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "176ACF88-6112-4179-8492-50C50577B300",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D07FC868-0B38-4F24-BA40-87966FF80AB7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A48E6CF0-7A3B-4D11-8D02-0CD38F2420E9",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-40:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B9ED0E5-CB20-4106-9CF2-8EB587B33543",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-80:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B0E620C-8E09-4F7C-A326-26013173B993",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-cl:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF93F1C8-669F-4ECB-8D81-ECDA7B550175",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_9800-l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E0BA345-B7D7-4975-9199-4DC7875BBFD0",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_cg418-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "25CE5302-0BA9-4155-A68B-3CD735F64A9F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_cg522-e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "405B9D5D-09E9-48D9-A164-04A6DCE41482",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ess9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A80AB4A-A121-4777-BD99-62D658A3DE22",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EACA55A5-4E73-4187-96BE-08E04F2C7659",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8E31CB8F-60FF-4D03-BE8C-824ECE967797",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie3400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A8E319D-5AE5-4074-9DAF-4B65F3B3CEE5",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:catalyst_ie9300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8DF0025D-8DE1-437D-9A4E-72C3AC6B46CD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:cloud_services_router_1000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CCB8270-A01D-40A6-BF4B-26BAF65E68F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:esr3300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D07773DC-24E0-4651-A98B-9CD54419F4D1",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:esr6300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44D19136-4ECB-437F-BA8A-E2FE35A39BF9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en el entorno de alojamiento de aplicaciones Cisco IOx en varias plataformas de Cisco podrían permitir a un atacante inyectar comandos arbitrarios en el sistema operativo del host subyacente, ejecutar código arbitrario en el sistema operativo del host subyacente, instalar aplicaciones sin estar autenticado o conducir un ataque de tipo cross-site scripting (XSS) contra un usuario del software afectado. Para más información sobre estas vulnerabilidades, consulte la sección Details de este aviso",
      },
   ],
   id: "CVE-2022-20677",
   lastModified: "2024-11-21T06:43:17.923",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "LOW",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
               version: "3.1",
            },
            exploitabilityScore: 1.2,
            impactScore: 4.2,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 6.7,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "HIGH",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 0.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2022-04-15T15:15:12.413",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-22",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-326",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2024-11-21 04:29
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpnVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr 6.6.1
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_6000 -
cisco ios_xr 6.6.2
cisco asr_9000 -
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9912 -
cisco asr_9922 -
cisco asr_9922 -
cisco carrier_routing_system -
cisco ios_xrv_9000 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_5500 -
cisco ncs_6000 -
cisco ios_xr 6.6.25
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5500 -
cisco ncs_560 -
cisco ios_xr 7.0.1
cisco asr_9000 -
cisco asr_9010 -
cisco asr_9904 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ios_xrv_9000 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_540 -
cisco ncs_540l -
cisco ncs_5500 -
cisco ncs_560 -
cisco ncs_6000 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "54EA6C52-E541-4426-A3DF-2FA88CA28BA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B8AE8971-5003-4A39-8173-E17CE9C2523F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A15B6B59-E90B-43A8-B4E7-3718FE6990AE",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "A50A1CA4-F928-4787-ADB4-0274301B7EF6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "9FF5102C-3163-48F1-8D44-352D6715288D",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "7FA1F27F-3265-482D-AD31-BCB300419526",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "6D1A5E2E-1CF6-4E3D-A474-9AA26758E574",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:-:*",
                     matchCriteriaId: "3AE8FA9B-C71B-42AE-94B2-580F505BC17F",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:carrier_routing_system:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "58042C12-8C73-4FD2-B9D5-BD895C442C50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:*:*",
                     matchCriteriaId: "3DC7F758-5AB7-4A45-A889-BE9DD8D0474E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "82AF763B-9299-4EDC-B42D-B83736839CA1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1E82A9DB-C7ED-4BD9-8BAA-71928A23485C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "915D9708-E3AC-447A-A67C-815A8E282A42",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "430F0546-C2E9-41EE-8A8E-1C63945160F3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
                     matchCriteriaId: "1496BE0A-B0BA-48BC-A476-A85A6D62EA50",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_540l:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7987161E-E0C6-4BBB-91FC-F49A7F4AE6B6",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D686F339-9406-4ADF-B124-C815D43E4CAA",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_560:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D4CC8256-E4F8-4DCB-B69A-40A7C5AA41E8",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "523058BF-DE14-4FAD-8A67-C8CA795032D9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades en la implementación de la funcionalidad Border Gateway Protocol (BGP) Ethernet VPN (EVPN) en Cisco IOS XR Software, podrían permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS).&#xa0;Las vulnerabilidades son debido al procesamiento incorrecto de los mensajes de actualización de BGP que contienen atributos EVPN diseñados.&#xa0;Un atacante podría explotar estas vulnerabilidades mediante el envío de mensajes de actualización de BGP EVPN con atributos malformados para que sean procesados por un sistema afectado.&#xa0;Una explotación con éxito podría permitir a un atacante causar que el proceso BGP se reinicie inesperadamente, resultando en una condición DoS.&#xa0;La implementación de Cisco de BGP acepta tráfico BGP entrante solo de peers definidos explícitamente.&#xa0;Para explotar estas vulnerabilidades, el mensaje de actualización de BGP malicioso necesitaría provenir de un peer BGP válido configurado, o necesitaría ser inyectado por el atacante en la red BGP de la víctima en una conexión TCP válida existente para un peer BGP",
      },
   ],
   id: "CVE-2019-16019",
   lastModified: "2024-11-21T04:29:56.263",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 8.6,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 4,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-23T01:15:13.847",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-evpn",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-399",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2020-09-04 03:15
Modified
2024-11-21 05:31
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqvVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqvVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9000v -
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9922 -
cisco ncs_1001 -
cisco ncs_1002 -
cisco ncs_1004 -
cisco ncs_5001 -
cisco ncs_5002 -
cisco ncs_5011 -
cisco ncs_5501 -
cisco ncs_5501-se -
cisco ncs_5502 -
cisco ncs_5502-se -
cisco ncs_5508 -
cisco ncs_5516 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9A42D395-5212-4A00-BE32-6D806D032E67",
                     versionEndExcluding: "7.1.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9000v:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "71BD158E-71D8-4DCA-8C09-F8AB7EF0EBDD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7AA58E5-D7E1-48CF-93FF-C60EB85B2BC7",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F6E0FBE-70B7-413C-8943-39BEFE050298",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E2A8C028-107B-4410-BCC6-5BCB8DB63603",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DA13FE67-F4AE-46DF-921B-3FB91BDF742B",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "98622F14-CC47-45E0-85E4-A7243309487C",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B254955-C485-45D7-A19B-E78CE1D997AD",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F72AEF0-EE70-40F8-B52B-1390820B87BB",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43D21B01-A754-474F-8E46-14D733AB307E",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "17D6424C-972F-459C-B8F7-04FFD9F541BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. An attacker could exploit this vulnerability by issuing the command, which they should not be authorized to issue, on an affected device. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart. This vulnerability could allow a user with read permissions to issue a specific command that should require Administrator privileges.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la asignación del grupo de tareas para un comando de la CLI específico en Cisco IOS XR Software podría permitir a un atacante local autenticado ejecutar ese comando, aunque deberían ser requeridos privilegios administrativos. El atacante debe tener credenciales válidas en el dispositivo afectado. La vulnerabilidad es debido a una asignación incorrecta en el código fuente de las asignaciones de grupos de tareas para un comando específico. Un atacante podría explotar esta vulnerabilidad mediante la emisión del comando, que no debería estar autorizado para emitir, en un dispositivo afectado. Una explotación con éxito podría permitir al atacante invalidar la integridad del disco y causar que el dispositivo se reinicie. Esta vulnerabilidad podría permitir a un usuario con permisos de lectura emitir un comando específico que requeriría privilegios de Administrador",
      },
   ],
   id: "CVE-2020-3530",
   lastModified: "2024-11-21T05:31:15.670",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 5.6,
               confidentialityImpact: "NONE",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:N/I:P/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 7.8,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2,
            impactScore: 5.8,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 8.4,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 2,
            impactScore: 5.8,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-09-04T03:15:10.620",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-cli-privescl-sDVEmhqv",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-264",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-07-06 02:15
Modified
2024-11-21 04:37
Severity ?
6.8 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dosVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dosVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xr *
cisco asr_9001 -
cisco asr_9006 -
cisco asr_9010 -
cisco asr_9901 -
cisco asr_9904 -
cisco asr_9906 -
cisco asr_9910 -
cisco asr_9912 -
cisco asr_9920 -


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FB59674-AF15-4BB6-B33F-DE0F74327EB4",
                     versionEndExcluding: "6.6.2",
                     versionStartIncluding: "4.3.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "324C97E6-1810-404F-9F45-6240F99FF039",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "57EB55BB-41B7-40A1-B6F5-142FE8AB4C16",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "433F4A82-04A4-4EAA-8C19-F7581DCD8D29",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D5E60AB-94FF-448A-89D8-5D2197E21C74",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A93212A4-50AB-42E7-89A4-5FBBAEA050C3",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA53A61-98B3-458C-8893-61CD7D6B1E48",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F396564E-B477-4A27-A189-CEB737552E25",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5445CC54-ACFB-4070-AF26-F91FEAA85181",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:h:cisco:asr_9920:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "49E7ED87-8AC0-4107-A7A5-F334236E2906",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update messages that include a specific set of attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic from explicitly defined peers only. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim's BGP network on an existing, valid TCP connection to a BGP peer.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad en la implementación de la funcionalidad Border Gateway Protocol (BGP) en el software IOS XR de Cisco, podría permitir a un atacante remoto no autenticado causar una condición de denegación de servicio (DoS) en un sistema afectado. La vulnerabilidad es debido al procesamiento incorrecto de ciertos mensajes de actualización de BGP. Un atacante podría explotar esta vulnerabilidad mediante el envío mensajes de actualización de BGP que incluyan un conjunto específico de atributos para ser procesados ??por un sistema afectado. Una operación con éxito podría permitir que el atacante cause que el proceso BGP se reinicie inesperadamente, resultando en una condición de DoS. La implementación de BGP de Cisco acepta el tráfico BGP entrante solamente de peers explícitamente definidos. Para aprovechar esta vulnerabilidad, el mensaje malicioso de actualización de BGP debería provenir de un peer BGP configurado y válido o el atacante necesitaría inyectarlo hacia la red de BGP de la víctima en una conexión TCP válida existente a un peer de BGP.",
      },
   ],
   id: "CVE-2019-1909",
   lastModified: "2024-11-21T04:37:39.967",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.3,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 6.8,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 4,
            source: "psirt@cisco.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-07-06T02:15:11.527",
   references: [
      {
         source: "psirt@cisco.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-iosxr-bgp-dos",
      },
   ],
   sourceIdentifier: "psirt@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "psirt@cisco.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-20",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}