All the vulnerabilites related to cisco - ess_3300
cve-2020-3512
Vulnerability from cvelistv5
Published
2020-09-24 17:51
Modified
2024-11-13 18:00
Severity ?
7.4 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5vendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:37:54.412Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20200924 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-3512",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T17:23:36.491679Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T18:00:50.458Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2020-09-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-388",
              "description": "CWE-388",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-24T17:51:35",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20200924 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ios-profinet-dos-65qYG3W5",
        "defect": [
          [
            "CSCvr54115"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2020-09-24T16:00:00",
          "ID": "CVE-2020-3512",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.4",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-388"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20200924 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ios-profinet-dos-65qYG3W5",
          "defect": [
            [
              "CSCvr54115"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2020-3512",
    "datePublished": "2020-09-24T17:51:35.464835Z",
    "dateReserved": "2019-12-12T00:00:00",
    "dateUpdated": "2024-11-13T18:00:50.458Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-1452
Vulnerability from cvelistv5
Published
2021-03-24 20:06
Modified
2024-11-08 23:34
Severity ?
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrwvendor-advisory, x_refsource_CISCO
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210324 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1452",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:20:02.410240Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:34:30.287Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE ROMMON Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-24T20:06:36",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210324 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
        }
      ],
      "source": {
        "advisory": "cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw",
        "defect": [
          [
            "CSCvu65039"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-03-24T16:00:00",
          "ID": "CVE-2021-1452",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE ROMMON Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210324 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw",
          "defect": [
            [
              "CSCvu65039"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1452",
    "datePublished": "2021-03-24T20:06:36.323556Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:34:30.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
7.4 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5Vendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe 15.2\(7\)e
cisco catalyst_3650-12x48uq -
cisco catalyst_3650-12x48ur -
cisco catalyst_3650-12x48uz -
cisco catalyst_3650-24pd -
cisco catalyst_3650-24pdm -
cisco catalyst_3650-48fqm -
cisco catalyst_3650-8x24uq -
cisco catalyst_3850-24xs -
cisco catalyst_3850-48xs -
cisco catalyst_3850-nm-2-40g -
cisco catalyst_3850-nm-8-10g -
cisco catalyst_c9200-24p -
cisco catalyst_c9200-24t -
cisco catalyst_c9200-48p -
cisco catalyst_c9200-48t -
cisco catalyst_c9200l-24p-4g -
cisco catalyst_c9200l-24p-4x -
cisco catalyst_c9200l-24pxg-2y -
cisco catalyst_c9200l-24pxg-4x -
cisco catalyst_c9200l-24t-4g -
cisco catalyst_c9200l-24t-4x -
cisco catalyst_c9200l-48p-4g -
cisco catalyst_c9200l-48p-4x -
cisco catalyst_c9200l-48pxg-2y -
cisco catalyst_c9200l-48pxg-4x -
cisco catalyst_c9200l-48t-4g -
cisco catalyst_c9200l-48t-4x -
cisco catalyst_c9300-24p -
cisco catalyst_c9300-24s -
cisco catalyst_c9300-24t -
cisco catalyst_c9300-24u -
cisco catalyst_c9300-24ux -
cisco catalyst_c9300-48p -
cisco catalyst_c9300-48s -
cisco catalyst_c9300-48t -
cisco catalyst_c9300-48u -
cisco catalyst_c9300-48un -
cisco catalyst_c9300-48uxm -
cisco catalyst_c9300l-24p-4g -
cisco catalyst_c9300l-24p-4x -
cisco catalyst_c9300l-24t-4g -
cisco catalyst_c9300l-24t-4x -
cisco catalyst_c9300l-48p-4g -
cisco catalyst_c9300l-48p-4x -
cisco catalyst_c9300l-48t-4g -
cisco catalyst_c9300l-48t-4x -
cisco catalyst_c9404r -
cisco catalyst_c9407r -
cisco catalyst_c9410r -
cisco catalyst_c9500-12q -
cisco catalyst_c9500-16x -
cisco catalyst_c9500-24q -
cisco catalyst_c9500-24y4c -
cisco catalyst_c9500-32c -
cisco catalyst_c9500-32qc -
cisco catalyst_c9500-40x -
cisco catalyst_c9500-48y4c -
cisco connected_grid_switch_2520 -
cisco ess_2020 -
cisco ess_3300 -
cisco ie-1000 -
cisco ie-2000u-16tc-g -
cisco ie-2000u-16tc-g-x -
cisco ie-2000u-16tc-gp -
cisco ie-2000u-4s-g -
cisco ie-2000u-4t-gs -
cisco ie-2000u-4ts-g -
cisco ie-2000u-8tc-g -
cisco ie-3000 -
cisco ie-3010-16s-8pc_industrial_ethernet_switch -
cisco ie-3010-24tc_industrial_ethernet_switch -
cisco ie-3200-8p2s-e -
cisco ie-3200-8t2s-e -
cisco ie-3300-8p2s-a -
cisco ie-3300-8p2s-e -
cisco ie-3300-8t2s-a -
cisco ie-3300-8t2s-e -
cisco ie-3300-8t2x-a -
cisco ie-3300-8t2x-e -
cisco ie-3300-8u2x-a -
cisco ie-3300-8u2x-e -
cisco ie-3400-8p2s-a -
cisco ie-3400-8p2s-e -
cisco ie-3400-8t2s-a -
cisco ie-3400-8t2s-e -
cisco ie-4000-16gt4g-e -
cisco ie-4000-16t4g-e -
cisco ie-4000-4gc4gp4g-e -
cisco ie-4000-4gs8gp4g-e -
cisco ie-4000-4s8p4g-e -
cisco ie-4000-4t4p4g-e -
cisco ie-4000-4tc4g-e -
cisco ie-4000-8gs4g-e -
cisco ie-4000-8gt4g-e -
cisco ie-4000-8gt8gp4g-e -
cisco ie-4000-8s4g-e -
cisco ie-4000-8t4g-e -
cisco ie-4010-16s12p_industrial_ethernet_switch -
cisco ie-4010-4s24p_industrial_ethernet_switch -
cisco ie-5000-12s12p-10g -
cisco ie-5000-16s12p -
cisco ie_2000-16ptc-g_industrial_ethernet_switch -
cisco ie_2000-16t67_industrial_ethernet_switch -
cisco ie_2000-16t67p_industrial_ethernet_switch -
cisco ie_2000-16tc-g-e_industrial_ethernet_switch -
cisco ie_2000-16tc-g-n_industrial_ethernet_switch -
cisco ie_2000-16tc-g-x_industrial_ethernet_switch -
cisco ie_2000-16tc-g_industrial_ethernet_switch -
cisco ie_2000-16tc_industrial_ethernet_switch -
cisco ie_2000-24t67_industrial_ethernet_switch -
cisco ie_2000-4s-ts-g_industrial_ethernet_switch -
cisco ie_2000-4t-g_industrial_ethernet_switch -
cisco ie_2000-4t_industrial_ethernet_switch -
cisco ie_2000-4ts-g_industrial_ethernet_switch -
cisco ie_2000-4ts_industrial_ethernet_switch -
cisco ie_2000-8t67_industrial_ethernet_switch -
cisco ie_2000-8t67p_industrial_ethernet_switch -
cisco ie_2000-8tc-g-e_industrial_ethernet_switch -
cisco ie_2000-8tc-g-n_industrial_ethernet_switch -
cisco ie_2000-8tc-g_industrial_ethernet_switch -
cisco iem-3300-14t2s -
cisco iem-3300-16p -
cisco iem-3300-16t -
cisco iem-3300-4mu-2 -
cisco iem-3300-6t2s -
cisco iem-3300-8p -
cisco iem-3300-8s -
cisco iem-3300-8t -
cisco iem-3400-8p -
cisco iem-3400-8s -
cisco iem-3400-8t -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:15.2\\(7\\)e:*:*:*:*:*:*:*",
              "matchCriteriaId": "C63AD57E-BA66-45B6-AC6E-2BD92A19A036",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7434059A-25B8-4FAC-A756-6E571348B76E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "858FEECF-CC69-4E68-8E8A-674643021964",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8904EAF5-25E7-4A6B-8117-1859F913B83B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A990D6-B748-4AFD-B924-1D19680BD3DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18736C74-F68F-4D0B-AE2B-4BC1834EF794",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D223C2AB-22A4-42B5-8BBB-78E2CBF23B40",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDD3EAA2-8F25-4099-B76F-5ACC3BE34610",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE9BD57F-BDAC-46DD-AF87-8914B29670F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7E00A0B-A58E-472F-B107-0FE106751F2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCB45406-5216-4A11-B8D3-C44639DC26B0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "215D01AE-3767-482A-85C5-3361506F0AC3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06E37A8-166F-4534-9089-D20B1227F4DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9D6DAE3-BAD0-46D8-B899-45B955F532F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "327167E8-4B65-4F9D-8760-34CDA03887CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0DA2253-C6A9-4749-B313-6552628A96F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C925086A-94B9-4FE0-9FEB-3242C1217453",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6EB14B34-4035-41D2-834B-7FB069264207",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A46D298-1685-410E-879C-2EBC45C185AC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "196A7C06-8371-479D-973D-591DEB181739",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE42511E-9883-4779-A8E5-FC3E16EF2793",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB06AD21-91A7-46B8-8F44-683828A5422D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA169AF-3743-4051-B63B-FF6E1ADCD886",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D13CF5B-4482-4C7D-8D6A-E220F3E4F868",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92134C0A-4E5B-43EF-8439-484DF504C43C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26ECF9BD-F632-4A02-8993-C0D44B91289C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "48730DB5-94AF-4BE7-8047-52B8B47CE35A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3A88142-3284-4C25-8774-36004B5F9087",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EB76311-4B6D-4897-A683-4244E92BD570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDDA2975-CDB7-4182-A03E-D34F15CDF6F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B9D0B5-4BE1-490E-9A68-00A3D357BC3D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA2F5A-6146-4142-96A8-552118E4BB67",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEF786D6-F28F-49D8-A15C-BFD0AA934355",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9404r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FEFF895-6E4A-4108-BD25-D7DC83154832",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9407r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A485A9A0-2EEC-4C13-846C-0DE2265B2A31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9F1ACA-9D67-4BF0-A357-40D39A61ED00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2E41E2-00CE-42C4-8C91-9307D76F5D7A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98CB2D23-B5F8-4FA9-8431-3B0124CE2140",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "53D13F1D-345D-45D5-9000-DAFE8A85D71B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CFB064E-E390-47B5-AA76-5D3D2E368055",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:connected_grid_switch_2520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CD18587-5E96-4368-B153-98276C03BE2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess_2020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FFD77DA-ECD9-43DB-8405-BF3B04234CB3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess_3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B351A8-00DB-4FA6-9536-C3B8938C6D3D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-1000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1AE4AF5-111F-47EA-921F-B58C570B1AB5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-2000u-16tc-g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "798DF7E1-12C7-4C07-9E0A-F3F5F7B69115",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-2000u-16tc-g-x:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9D5A00-6329-4629-851A-F2E204034B25",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-2000u-16tc-gp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1E709DD-B051-4612-A295-F64D934D9DC0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-2000u-4s-g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B06CD752-06CA-4A41-93CF-A1CADD3DD5DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-2000u-4t-gs:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F732189-B2CE-4D79-9E0B-87E9F1295D01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-2000u-4ts-g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7271B8BC-0A31-41AD-A6EE-5119D8CD706C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-2000u-8tc-g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "309ACF28-4262-4AE4-96B5-85CD45D3F4C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C69ABC-43E5-4440-8D14-07C6531C77E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3010-16s-8pc_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0071F74-A0D3-45FE-8F58-F2F4D64AA0A1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3010-24tc_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "095B70C4-0551-42BB-88B3-602DA9AE7C18",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3200-8p2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "409A8E23-765E-4DDF-A1D6-957C069485F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3200-8t2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBDA8A7A-0E67-457D-B141-4A7123D88563",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8p2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB9BE362-7510-49AA-8407-9DF16C2CE83F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8p2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "188F53F7-026B-439F-8230-7A86F88ED291",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D83BE1F-BEAA-4A5E-ABB3-3D1C1290C33D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A025E73-71FF-4021-A531-972597B20983",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "258F818D-A13B-487F-B885-BCD66CFD9A35",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8t2x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "96578BAC-0720-4662-9C15-10B085618ADB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8u2x-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B21C9C3-1B1F-4EAF-909B-D68A3975490A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3300-8u2x-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50D5D07D-81D0-4827-8AF9-4FA8E1C64D9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8p2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E1424EF-E9F8-40AD-8B77-95A6EC220C2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8p2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE60F5EA-EE6A-45F2-8276-6859F1F976F3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8t2s-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B5F733-8359-4A02-9AE6-379DCEF98B54",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-3400-8t2s-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E58BBF6-0975-45F0-9EBE-10AD86FBE1C3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-16gt4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD991C01-E65C-481C-AAA3-E08A24254DB2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-16t4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "268A46F5-DBB4-47BA-966E-F5A62DDF3C9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-4gc4gp4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "600D74B4-4F39-4C44-BA6A-BBB54A2BD180",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-4gs8gp4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99A6D521-867A-4153-9D44-9031DCEDE001",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-4s8p4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3E68FB8-A69F-44F3-85D1-615AB5C69ED7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-4t4p4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03563067-37A6-40C7-AC54-23EC0A6E8447",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-4tc4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24BD8251-608E-4107-9573-46D9B8F86943",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-8gs4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F83B7416-A5EF-49FA-85FC-88EBA723999B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-8gt4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE4D4D0-0637-4E34-8834-399155CD06E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-8gt8gp4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D65414-A04C-46AF-837C-E3BA694CCF62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-8s4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A6CD85B-88F3-484A-8D47-41E04CF34AF7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4000-8t4g-e:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FDAAB5-0FF5-4313-A04F-7BC35061B553",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4010-16s12p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A359421-6CD3-43E0-94FC-20C76756C7EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-4010-4s24p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0F9DF32-3E0B-47FA-912A-FCE948BA768E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-5000-12s12p-10g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AAE3C21-1147-4C12-8B76-CEFC118996DD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie-5000-16s12p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA8E30FA-D61A-4047-A8EC-7EA2F5DF1007",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16ptc-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F63F4C5-7784-4B83-B454-E9731210920B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16t67_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A89AEB2-8690-4389-A896-10430A690243",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16t67p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D464787-DC79-474F-84CA-2B4AD209C21F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16tc-g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAFC9C43-2BAE-4F4E-B084-F9FB54EEF6D1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16tc-g-n_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6EAC97A-E3FC-490F-9D02-8CA8FA87D6DA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16tc-g-x_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B0F4029-9E79-4ADE-A851-72F18635A492",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16tc-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C224EE6-1436-4F11-94A8-4CC96A5001F5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-16tc_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A4E545-9F74-40CC-8212-11798AF8D611",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-24t67_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D817838-BDA5-4ED8-8EC9-6C5F4C3C9C5B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-4s-ts-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "842352DA-0E9B-4520-9B32-C766BEA7BF9C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-4t-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66521F18-9C3D-4323-AFC1-5A4ABC476084",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-4t_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E62F6C8-1B96-4093-8E54-05B0086842A4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-4ts-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D5D3398-D9AE-4447-8D21-03853B41594E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-4ts_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27364811-6885-49B9-ADE7-55CD69105EC7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-8t67_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77F72F96-3272-432C-A8B8-781C95D65A5E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-8t67p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "036F4AFB-CBAA-4155-AC79-B2DC38E37613",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-8tc-g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9725FF2E-25DB-42EB-B504-B169392D6C31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-8tc-g-n_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "683C46D6-6DBD-4C99-A577-4CE624DEDD8B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ie_2000-8tc-g_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA132B36-55CB-492A-8B85-715201E7712F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-14t2s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FB643C1-EF42-440B-98B1-EAD1F2263BD6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-16p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7DCD235-75AC-42A8-BFD8-A6D7C0F4FD7E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-16t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C1BD017-FFE6-449B-BCA2-3FF63DF0817B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-4mu-2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C94B91-10F9-4DE0-AC24-FE74BE429BAE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-6t2s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90BFFD51-73C6-4A29-940D-92D1747BCB74",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-8p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67AAE6BB-F377-42A8-B837-52D8C037CB4B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-8s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49447E5-A907-410D-9902-6791236C48E7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3300-8t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A2425A7-D37F-4B12-B2DD-96DD7ED09914",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3400-8p:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51880705-BE24-4849-8A61-A4D3A25592F7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3400-8s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3555C71B-3CCF-41A4-85F7-91408D1451FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:iem-3400-8t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E68CBE3F-7204-45F6-A1DB-6C7FE71575C9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el manejador PROFINET para los mensajes Link Layer Discovery Protocol (LLDP) de Cisco IOS Software y Cisco IOS XE Software, podr\u00eda permitir a un atacante adyacente no autenticado causar un bloqueo en un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los mensajes LLDP en el manejador de mensajes PROFINET LLDP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un mensaje LLDP malicioso hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo afectado se recargue."
    }
  ],
  "id": "CVE-2020-3512",
  "lastModified": "2024-11-21T05:31:13.510",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 5.7,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 5.5,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-24T18:15:21.323",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-profinet-dos-65qYG3W5"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-388"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.
References
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrwVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrwVendor Advisory
Impacted products
Vendor Product Version
cisco ios_xe_rom_monitor *
cisco catalyst_ie3200_rugged_switch -
cisco catalyst_ie3300_rugged_switch -
cisco catalyst_ie3400_heavy_duty_switch -
cisco catalyst_ie3400_rugged_switch -
cisco ess_3300 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe_rom_monitor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BF9EAFA-363D-4647-AB9F-6A9D6927C7BE",
              "versionEndIncluding": "7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86879AC0-890E-42F4-9561-6851F38FE0AD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:ess_3300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B351A8-00DB-4FA6-9536-C3B8938C6D3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el ROM Monitor (ROMMON) del Software Cisco IOS XE para los Switches Cisco Catalyst IE3200, IE3300 e IE3400 Rugged Series, los Switches Cisco Catalyst IE3400 Heavy Duty Series y los Switches Cisco Embedded Services 3300 Series, podr\u00eda permitir a un atacante f\u00edsico no autenticado ejecutar c\u00f3digo sin firmar en el momento del arranque del sistema.\u0026#xa0;Esta vulnerabilidad es debido a comprobaciones incorrectas de argumentos de funciones espec\u00edficas que se pasan a un script de arranque cuando se establecen variables ROMMON espec\u00edficas.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad estableciendo valores maliciosos para una variable ROMMON espec\u00edfica.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo sin firmar y omitir la comprobaci\u00f3n de la imagen durante el proceso de arranque seguro de un dispositivo afectado.\u0026#xa0;Para explotar esta vulnerabilidad, el atacante no necesitar\u00eda estar autenticado, tener acceso f\u00edsico al dispositivo u obtener acceso privilegiado al shell root en el dispositivo"
    }
  ],
  "id": "CVE-2021-1452",
  "lastModified": "2024-11-21T05:44:23.770",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 5.9,
        "source": "ykramarz@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.8,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-03-24T20:15:15.540",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Primary"
    }
  ]
}