All the vulnerabilites related to cisco - ios_xe_rom_monitor
cve-2021-1452
Vulnerability from cvelistv5
Published
2021-03-24 20:06
Modified
2024-11-08 23:34
Severity ?
EPSS score ?
Summary
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS XE ROMMON Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210324 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1452",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:20:02.410240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-08T23:34:30.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE ROMMON Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-03-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-24T20:06:36",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210324 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
}
],
"source": {
"advisory": "cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw",
"defect": [
[
"CSCvu65039"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-03-24T16:00:00",
"ID": "CVE-2021-1452",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE ROMMON Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210324 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
}
]
},
"source": {
"advisory": "cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw",
"defect": [
[
"CSCvu65039"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1452",
"datePublished": "2021-03-24T20:06:36.323556Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-08T23:34:30.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20864
Vulnerability from cvelistv5
Published
2022-10-10 20:43
Modified
2024-11-01 18:49
Severity ?
EPSS score ?
Summary
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS XE Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:50.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220928 Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-01T18:40:27.471744Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-01T18:49:04.147Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-09-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-10T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220928 Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO"
}
],
"source": {
"advisory": "cisco-sa-iosxe-info-disc-nrORXjO",
"defect": [
[
"CSCvx64514",
"CSCvx88952",
"CSCwa53008",
"CSCwa58212"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20864",
"datePublished": "2022-10-10T20:43:16.392597Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-01T18:49:04.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3524
Vulnerability from cvelistv5
Published
2020-09-24 17:51
Modified
2024-11-13 18:01
Severity ?
EPSS score ?
Summary
A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco IOS XE ROMMON Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco IOS XE ROM Monitor Software Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3524",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:17:51.731312Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:01:19.136Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE ROMMON Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T17:51:22",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco IOS XE ROM Monitor Software Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC"
}
],
"source": {
"advisory": "cisco-sa-rommon-secboot-7JgVLVYC",
"defect": [
[
"CSCuw17929",
"CSCuy11639",
"CSCuy11786",
"CSCuy11815"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE ROM Monitor Software Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3524",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE ROM Monitor Software Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE ROMMON Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.4",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco IOS XE ROM Monitor Software Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC"
}
]
},
"source": {
"advisory": "cisco-sa-rommon-secboot-7JgVLVYC",
"defect": [
[
"CSCuw17929",
"CSCuy11639",
"CSCuy11786",
"CSCuy11815"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3524",
"datePublished": "2020-09-24T17:51:22.118900Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T18:01:19.136Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_rom_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F3B87A-F5B7-4D43-81A8-D67C53EBBDFA",
"versionEndExcluding": "16.2\\(1r\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8AED7C-DDA3-4C29-BB95-6518C02C551A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5419CB9F-241F-4431-914F-2659BE27BEA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5720462A-BE6B-4E84-A1A1-01E80BBA86AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8B60888-6E2B-494E-AC65-83337661EE7D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_rom_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "181B1A1A-572C-424F-A1DD-96363BAB235C",
"versionEndExcluding": "15.6\\(18r\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr-920-10sz-pd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FCA2DB2-AE09-4A99-90C9-60AE0CD9A035",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12cz-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B83BED-5A49-4CF0-9827-AA291D01F60E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12cz-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1E8937-51D9-43E6-876E-5D39AD3D32C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12sz-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA7AE63-99B9-4F28-8670-639A9B31E494",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-12sz-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E858B4AB-49B1-4F1C-8722-6E6911194924",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-20sz-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60DFE60A-34C5-42C3-B539-57AAA9D4F684",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-24sz-im:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1B25F27-6527-46F8-9C1A-4B4F79F3E6C4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-24sz-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE70CCD-6062-45D8-8566-7C9E237E030F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-24tz-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "375F9E12-A61B-4FD3-AE07-D4E686EB112A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-4sz-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D724F932-4548-429D-8CAA-E82C3435A194",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr-920-4sz-d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCC94C3-9EEF-4600-BE82-8AEDEB0F1446",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_920u-12sz-im:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA179D79-07E7-4721-85BB-0C740B516B1F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_rom_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F3B87A-F5B7-4D43-81A8-D67C53EBBDFA",
"versionEndExcluding": "16.2\\(1r\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2182E7-C813-4966-A36C-E648A9344299",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7C321E-F083-4AB6-96A0-D6358980441E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09C913FF-63D5-43FB-8B39-598EF436BA5A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4376E56-A21C-4642-A85D-439C8E21CD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "444F688F-79D0-4F22-B530-7BD520080B8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55DD2272-10C2-43B9-9F13-6DC41DBE179B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7428E0A8-1641-47FB-9CA9-34311DEF660D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*",
"matchCriteriaId": "854D9594-FE84-4E7B-BA21-A3287F2DC302",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_rom_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3896A4D0-A1B5-446A-B48C-22FEE9103F6F",
"versionEndExcluding": "16.4\\(1r\\)s",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:cbr8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C9D165E-900B-4B96-9AFA-BD267F0C6D8E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco IOS XE ROM Monitor (ROMMON) Software para Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, y Cisco cBR-8 Converged Broadband Routers, podr\u00eda permitir a un atacante f\u00edsico no autenticado romper la cadena de confianza y cargar una imagen de software comprometida en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a la presencia de una opci\u00f3n de configuraci\u00f3n de depuraci\u00f3n en el software afectado.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la conexi\u00f3n de un dispositivo afectado a mediante la consola, forzando el dispositivo al modo ROMMON y escribiendo un patr\u00f3n malicioso usando esa opci\u00f3n espec\u00edfica en el dispositivo.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante romper la cadena de confianza y cargar una imagen de software comprometida en el dispositivo afectado."
}
],
"id": "CVE-2020-3524",
"lastModified": "2024-11-21T05:31:14.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:21.620",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rommon-secboot-7JgVLVYC"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-24 20:15
Modified
2024-11-21 05:44
Severity ?
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ios_xe_rom_monitor | * | |
| cisco | catalyst_ie3200_rugged_switch | - | |
| cisco | catalyst_ie3300_rugged_switch | - | |
| cisco | catalyst_ie3400_heavy_duty_switch | - | |
| cisco | catalyst_ie3400_rugged_switch | - | |
| cisco | ess_3300 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_rom_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BF9EAFA-363D-4647-AB9F-6A9D6927C7BE",
"versionEndIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie3200_rugged_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86879AC0-890E-42F4-9561-6851F38FE0AD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie3300_rugged_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19017B10-F630-42CD-ACD2-E817FEF0E7F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie3400_heavy_duty_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04A41A34-58D2-4DBC-ABC9-20A62BC8A838",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_ie3400_rugged_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7CCC02-113E-4EA1-B0CA-9FDF1108BB71",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ess_3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63B351A8-00DB-4FA6-9536-C3B8938C6D3D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el ROM Monitor (ROMMON) del Software Cisco IOS XE para los Switches Cisco Catalyst IE3200, IE3300 e IE3400 Rugged Series, los Switches Cisco Catalyst IE3400 Heavy Duty Series y los Switches Cisco Embedded Services 3300 Series, podr\u00eda permitir a un atacante f\u00edsico no autenticado ejecutar c\u00f3digo sin firmar en el momento del arranque del sistema.\u0026#xa0;Esta vulnerabilidad es debido a comprobaciones incorrectas de argumentos de funciones espec\u00edficas que se pasan a un script de arranque cuando se establecen variables ROMMON espec\u00edficas.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad estableciendo valores maliciosos para una variable ROMMON espec\u00edfica.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo sin firmar y omitir la comprobaci\u00f3n de la imagen durante el proceso de arranque seguro de un dispositivo afectado.\u0026#xa0;Para explotar esta vulnerabilidad, el atacante no necesitar\u00eda estar autenticado, tener acceso f\u00edsico al dispositivo u obtener acceso privilegiado al shell root en el dispositivo"
}
],
"id": "CVE-2021-1452",
"lastModified": "2024-11-21T05:44:23.770",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-24T20:15:15.540",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-10 21:15
Modified
2024-11-21 06:43
Severity ?
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
4.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe_rom_monitor:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73D892AD-9925-45BF-BA30-870882F4668A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7814FA61-CAF1-46DE-9D84-CEBE6480EA03",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE4F60E-DF3D-4839-8731-7CF16DA8FF26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EA5EEE3-A084-46B4-84C0-ADFD69800649",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48fd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "592F67D5-344B-49AF-A277-1089A40AC2FD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7434059A-25B8-4FAC-A756-6E571348B76E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A5355-BF40-437C-8683-A7A81DEE362C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43F4B90E-3499-45D4-864D-18505E2149F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uq-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9BE6BA-6B2D-47C9-B8F1-3C9CE213948D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur:-:*:*:*:*:*:*:*",
"matchCriteriaId": "858FEECF-CC69-4E68-8E8A-674643021964",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE5FCCFF-E491-474F-9B86-AB51D8244582",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA8464F8-D6D2-4165-ADE8-B40F7D8556C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48ur-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61007628-A81B-43E0-86DE-1F7DDAD9F1A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91B9F022-4C3D-493E-9418-E9CDDAFEC9B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3F03C3-C0CA-4E9B-A99A-BE28153EB5C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B39F250E-6A89-4537-BD31-1FB81734A9A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-12x48uz-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4E3B69-DDE8-4EA2-8E63-D6EEF41083B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8904EAF5-25E7-4A6B-8117-1859F913B83B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A369CD35-1242-4556-A83D-BD69CC149CFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA2D1B9E-6234-4FD6-A003-AFBC8A4DC2E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "784A1499-1F33-493D-B433-EB2550C03C19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59A990D6-B748-4AFD-B924-1D19680BD3DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CECFC88D-5480-46E4-BF74-E11A514A8BDD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E54D16A8-0407-41E3-9599-9A6F57E1AA75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24pdm-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C94A9A21-C4F7-4EA4-95B1-DEA7DDA0F77D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF3818CC-8653-4A9E-A57B-950A15914D6B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EDC790B-B42D-45DB-ACF5-A789F76C2BC4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24ps-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2A6BC84-91F2-437D-9D2E-F8B3F5966767",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F331F13-5D05-4213-B442-D48D8E22287B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E312F4-90DA-40E4-BCD1-92F41BEEEECF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24td-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32EA3F-946D-430D-B00F-939D828DD72C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D239A09C-34D2-4418-B538-03A1080B8479",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C84561E-DD99-4433-9EF2-083F7C300123",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-24ts-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29871BE-CA7D-4108-B46A-CBD539C9A2B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39CD9189-6524-4157-B90E-FF6A81DE3599",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF1B702-643A-4AF2-B0AD-3C540CF85F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96269625-CB31-4850-872B-B2C1321B13B6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "426B68A6-3A41-43DB-846F-AEFBA62E221B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BDE086A-3FE5-46E3-BD66-23D0AE5089BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA53775A-D3ED-4D34-8338-A384DBEB94E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fq-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7D4522-D6BB-467F-AF5D-4D753A89D524",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C96215F-A300-4B4E-9D3A-C32E484BFC5B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C680534-C663-40B0-A4AA-7F292EE60FE2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAF4F233-7B47-46ED-BDC5-A589BCFC0B39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fqm-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A528EC0-4650-4787-BE52-A588E7E38A31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53898E96-03D6-43A2-AE05-46C62464BD26",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "465917E5-8BF0-4BBB-85A0-DE8F516880C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48fs-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9FA66D9-E465-406E-A95C-608A1BE34D74",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFFE6E6-413F-48AC-B4CE-0F1058C48FC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1456B204-A2A5-4790-A684-7F50D692EC9F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48pd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD715BDD-7C74-4785-BEDF-75918F6FB37A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD10664-94D0-48C0-92EF-E8EA66841245",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "071A47F9-FF35-4F2C-BF5D-897CAC8BC08A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48pq-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E988448-36C9-47E0-9356-DA400EB824E3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D067EF9-00DB-4979-B12E-55749059A083",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9FA300A-44B1-44EE-8111-C1296EB0B638",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48ps-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8598A543-B30B-4BD4-9974-F432FFFDCDD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48DEBBAD-D28D-4784-BBD8-9FAD1710A919",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5FC516-6B48-4D77-B26D-FA097AC91D1A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48td-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A7437E4-5C09-436C-AFBC-F6B6747A4339",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ECBC0277-4990-4DE7-AD80-20E8A6F561D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E7DAF69-662B-4999-A6AD-AA528B53EAF7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48tq-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF90C70-A2B8-44A4-B4A1-2A1B48AA9D0A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D28306B1-3DDE-4444-9784-522B3D2163EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9257D187-1F2D-40F4-8C87-78978DB56C3F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-48ts-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF4A033-FD9E-4B98-A0FD-CF6CD9BD3E5B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AF8261-74E0-4F53-B82C-A7BA7559D7CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25AE251E-E99F-4546-85B0-C57834B040B7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24pd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C62FFCB9-4253-459B-9298-C252DA9177DB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "991CBDFB-6836-4D1F-80A9-14EBCE3F855F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B4C0250-DA0D-4CEE-99F4-C211163C6653",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E18C436-AC70-4E2E-8ED2-EEADFCE36CB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3650-8x24uq-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D453BF6-AB9F-4D47-B4DF-C25C67358FFE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850:-:*:*:*:*:*:*:*",
"matchCriteriaId": "005F5347-A5E6-4954-ACAB-E4DF29119724",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2A8413-DF92-4690-8BC1-A21001BDF76B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-12s-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "882B8D8F-E154-45C3-BB47-5353167C9776",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-12x48u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8F7FAA3-003D-4BEE-99CC-C9F75D5293FC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54B4EB4-EB41-4522-B7AB-C30F96099EA3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-12xs-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAD7BE51-0BA6-4750-B274-A6E33D32B484",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5B6123E-B86F-4EC8-95D6-4CE47A7D0AC2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-16xs-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2305B8A-B8F2-4AF4-A86A-EFF11541D62D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44C3EF8E-DF88-46DC-8E06-B009F346D1D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E87F823-D924-4718-AD81-248A6C619531",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24p-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BA01B5E-9E7B-4EE6-9480-A82B753BBB82",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24pw-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCAC93E0-F982-4E37-866E-43B7BC5AC82E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC866C9-BB98-4320-9FFA-F0960C560DA6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24s-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79FB0F3E-BB66-47BB-A59F-2D4C123F9CBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3AD7495-3DA2-4596-9620-CD36D7C561AC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492F3F8-4188-41E4-9A84-5E30C4AC3378",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24t-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "718F2FDC-9EA4-4C4C-8821-B15E56AF8101",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC5CB558-BD42-4615-BC31-41CCF25DE5C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC04072A-9BBE-4A9D-AE39-054D93E0C6D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E45BCCD0-65BB-431F-B448-221C1595CD92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24u-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F33BA722-0680-4074-8D03-41657F8CDCC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "295C46B4-5E9F-4DD8-861B-00BA43923306",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "431570C7-74A1-4F7E-8FD0-690AEF0F823B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24xs-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5D22E15-E1E8-4115-A55F-5743CA9C5947",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F840171D-CA1C-4E25-BD41-6B871C47BB84",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B240B20-CF48-4A72-9653-9D04D59C1391",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19D6AC73-67C9-4FA2-A361-FF08B0E3AF47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-24xu-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58430463-EA77-4DC9-ACDE-4DCF92CA2FC7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74CCD143-3D6E-4880-B275-ECF5B04238C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-32xs-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D3784F-C572-4A6F-83B9-BCF64D339BC9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E09C466B-CE87-4A57-B40B-88C94BAAF36B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D58FF034-8E07-4518-A858-5F16F22217E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "376AD386-373D-4B24-966F-D11F76C9020F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2280CAA3-03F6-4168-8E50-A6B7132A3B0E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0C1174-C789-4547-9899-F7FCD0905F92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48p-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC366801-655A-403B-ACD9-3BB43802A3C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48pw-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5463D0-A8D3-43EC-8CFF-F659A8C84436",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BD50BB2-BFD8-42F2-8C23-0D95187B01F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05D4D7E4-B195-46D8-8A6B-6AA4B8357618",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48t-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39600E51-4A21-4E5B-9FF9-E7C00AE86646",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47E4D5A8-7E4A-44C5-81DC-84712781206D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B13D6D50-D0FA-4527-BED3-52560DDD5253",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "965BF315-D833-4711-97FC-512151113367",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48u-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0ADEBE-3DA2-4850-8115-0AC937FB0A94",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8E9B149-AA2B-4421-8CC3-5A4B32B7AADF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04072C0F-78A2-4D10-87B2-52DC2537BA89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5C080E-D5C4-47B2-A46C-4EB3051C5221",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-f-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41CEBEE0-DA67-4EE5-9BCF-263843053A8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-48xs-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD262F58-C47F-439E-A9FF-D1C60120D306",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-2-40g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35490BDE-DF21-495E-9F8A-7631FCB32A1F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_3850-nm-8-10g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "20EFB5B8-4A38-48C5-A363-3C7F7763C1D5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4A5C56-0D08-4423-AEBD-33EDF172FCF9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9200cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7670A322-31C2-4A8A-86E9-09D63C52E4C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9200l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6376BE-3A69-469C-B6A9-2EFB55A3B87F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0972076B-5C87-44B3-90EC-4C200B89318A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3765B3DB-8B1B-46EF-AF7D-ED1EB2079C3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74AED057-2458-4DE0-8D51-ABD766D07F68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19538C03-5FB8-4401-8B21-489C629D7E7D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B26D7061-F471-4DF0-A892-ED132958B84A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "033ED443-80E7-4012-9825-07AAC0D44B96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24t-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD3F3CC6-A349-47B1-B282-B6458683C191",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB24EF21-1C10-48A7-BC68-FFC842A28D12",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED0625A2-BF14-4552-83D8-AEE0A04EA023",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D6ED6-AE64-4E20-B9CD-3EAA22709CFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-24ux-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21AFDC0D-7629-424E-827B-C8A8767324C3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A263CFF2-A659-405B-90EA-51E49B25C6D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEFBD449-217D-4569-99F7-D56B853A3E07",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED668FC-D1A5-4175-A234-23760BA6E788",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48s-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D650C48-9241-42F7-87A9-20733329489A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED16A65-9AFF-4825-95D1-162FBA0F566D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48t-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82D345E7-8208-41AC-B11A-4425D29E98A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E386D461-F1C1-4970-B056-D6119E74D449",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99F3A466-F665-4132-ABC4-2DFC0A7E2B55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3395168-FF2E-4CB6-AABE-5E36DEB241CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48un-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F525CBC-1CE6-4CAB-B1C1-DFA7EA462EF0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "226F985C-4669-4D0A-9DB4-CB1465B37B02",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300-48uxm-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B736A43-6F4E-40A9-84E4-D9E251489234",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2FF888F-46F5-4A79-BB88-BB2EC2D27E24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26437DA7-2EFE-4CA2-8DB0-9FECBEFAE4EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E99CA124-7D86-463B-A31E-A7836B7493E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E014B028-8DD9-428C-B705-8F428F145932",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24p-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6C44229-A842-49B2-AD3E-79C83DB63EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D56D21F-0F55-4AB1-AB9B-8EAE08F4BEDA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C0441D-A7AC-4B4E-970A-3A441C2F66B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5306E847-C718-4C83-9C97-8AB498DC4A88",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-24t-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18287CEF-B574-4498-A256-567CA6E6CA7C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9AAA2C-495E-4FD1-9050-264FDC25254B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5713043E-2535-4540-B3EF-41FAC40BECE9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C0C18E5-45B9-49D2-A4AB-DD8D5CB04C5C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48p-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67701D77-8B03-446A-AE22-4B8CCCD6F029",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0BEAE3-2056-4B7B-8D7C-AEE3DC86CC2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "831A2390-7170-4FC0-A95E-3DAB1791017D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F788CBC4-782F-4A43-AC80-4AEF1C43A22D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l-48t-4x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "493989DC-8F1B-45C9-AD11-38B97B958C9C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300l_stack:-:*:*:*:*:*:*:*",
"matchCriteriaId": "419ABFB5-2C27-4EBE-98EF-8A8B718CD1F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300lm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA0DBB2E-DB15-47E1-B8F2-3AC0B1197C5F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9300x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F168FB20-0C44-4A5B-910A-04B9517545C2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "737F22AB-C5A9-4A18-BA3D-38A222491397",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9407r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5508320-8318-41A8-8026-4A61907C1CD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9410r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAD337D8-8C72-4025-A8C3-E63598DE7BDB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "176ACF88-6112-4179-8492-50C50577B300",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9500h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D07FC868-0B38-4F24-BA40-87966FF80AB7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C19A801D-02D7-40B0-88E8-FE7BA8630E60",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9600x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4035136-CC10-4DDD-92AF-9DC41D19CF8A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c2928-24lt-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEB558C8-826C-486A-B7CF-1E0EC0A7A106",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c2928-48tc-c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC95D92-296F-4671-9191-29CED1C38070",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c3850-12x48u-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9D6819-2CFC-428A-8C51-F0D4C55D5B29",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c3850-12x48u-l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3ECDFFB-DAD1-4BF6-85E1-1E8F94F991EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c3850-12x48u-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80AC0C7-6E96-4A72-B330-33BAF004B4C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18736C74-F68F-4D0B-AE2B-4BC1834EF794",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200-24t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D223C2AB-22A4-42B5-8BBB-78E2CBF23B40",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD3EAA2-8F25-4099-B76F-5ACC3BE34610",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200-48t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9BD57F-BDAC-46DD-AF87-8914B29670F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24p-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCEBFFC-DD60-4CB1-A7F2-9AC09977BA4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24p-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F7B21F-1DAA-45C7-8C24-D3A19F1C5459",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-2y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C4F9918-E075-4F78-AFD7-0BB7FA97C1F6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24pxg-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7E00A0B-A58E-472F-B107-0FE106751F2D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24t-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB45406-5216-4A11-B8D3-C44639DC26B0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-24t-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "215D01AE-3767-482A-85C5-3361506F0AC3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48p-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A06E37A8-166F-4534-9089-D20B1227F4DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48p-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9D6DAE3-BAD0-46D8-B899-45B955F532F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-2y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "327167E8-4B65-4F9D-8760-34CDA03887CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48pxg-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0DA2253-C6A9-4749-B313-6552628A96F3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48t-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C925086A-94B9-4FE0-9FEB-3242C1217453",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9200l-48t-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB14B34-4035-41D2-834B-7FB069264207",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F257D2BE-7618-4B6A-AFCE-6D9D0084FA1D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA927CE-9D8E-4BC0-9EA6-641E7C4F71B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A46D298-1685-410E-879C-2EBC45C185AC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA4ACF54-E576-4D8A-A4E6-17A37EEC53DA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-24ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "196A7C06-8371-479D-973D-591DEB181739",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE42511E-9883-4779-A8E5-FC3E16EF2793",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB06AD21-91A7-46B8-8F44-683828A5422D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA169AF-3743-4051-B63B-FF6E1ADCD886",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D13CF5B-4482-4C7D-8D6A-E220F3E4F868",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48un:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92134C0A-4E5B-43EF-8439-484DF504C43C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300-48uxm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26ECF9BD-F632-4A02-8993-C0D44B91289C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48730DB5-94AF-4BE7-8047-52B8B47CE35A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24p-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A88142-3284-4C25-8774-36004B5F9087",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB76311-4B6D-4897-A683-4244E92BD570",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-24t-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDA2975-CDB7-4182-A03E-D34F15CDF6F1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35B9D0B5-4BE1-490E-9A68-00A3D357BC3D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48p-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71FA2F5A-6146-4142-96A8-552118E4BB67",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF786D6-F28F-49D8-A15C-BFD0AA934355",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9300l-48t-4x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA32B0AC-1B0A-4ED8-8532-9C7BE6E059D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9404r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEFF895-6E4A-4108-BD25-D7DC83154832",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9407r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A485A9A0-2EEC-4C13-846C-0DE2265B2A31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9410r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F1ACA-9D67-4BF0-A357-40D39A61ED00",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-12q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BFEE45F-C5AC-483D-9DE6-4CEB98D80A0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-12q-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09786E-BB71-4ECA-878A-2CD33EE2DFF2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-12q-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32A2AD4E-27B8-4022-90D5-34DA597B55E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-16x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6F5BBC-4627-4A3E-B827-3CEE7EE969D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-16x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F69531D5-09B2-407D-8361-2FD7C93FF841",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-16x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB3D5CED-76D9-4A9C-8FD2-34DDED24E714",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2E41E2-00CE-42C4-8C91-9307D76F5D7A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24q-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC50F73C-5026-44E0-AE29-E8AD3A112FC6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24q-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FF0D66-D25B-4240-883D-8B02B17DB1A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-24y4c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98CB2D23-B5F8-4FA9-8431-3B0124CE2140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8A8BA9F-3361-43CD-8031-A5DF0AD68BEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-32qc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFE4BB6-FC9A-42B3-B8A0-2610D71BB9B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-40x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53D13F1D-345D-45D5-9000-DAFE8A85D71B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-40x-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45233420-4380-4D64-B46D-D400A7224CA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-40x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7925AF68-4E36-4281-A710-070DD4BEDA8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9500-48y4c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFB064E-E390-47B5-AA76-5D3D2E368055",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9600-lc-24c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE82D4C-B165-4060-8A05-740137833004",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9600-lc-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4859684E-FF82-43E6-9B86-B4FD54A124E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9600-lc-48tx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE2B840-6A66-46FC-87C4-6D8D867E2394",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_c9600-lc-48yl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06B9B478-24B0-4C99-9CF6-1D7A2C9F5A5E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot variable permissions in ROMMON. An attacker could exploit this vulnerability by rebooting the switch into ROMMON and entering specific commands through the console. A successful exploit could allow the attacker to read any file or reset the enable password."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funci\u00f3n de des habilitaci\u00f3n de la recuperaci\u00f3n de contrase\u00f1as del software Cisco IOS XE ROM Monitor (ROMMON) para Cisco Catalyst Switches podr\u00eda permitir a un atacante local no autenticado recuperar la configuraci\u00f3n o restablecer la contrase\u00f1a de habilitaci\u00f3n. Esta vulnerabilidad es debido a un problema con los permisos de archivos y variables de arranque en ROMMON. Un atacante podr\u00eda explotar esta vulnerabilidad al reiniciar el switch en ROMMON e introduciendo comandos espec\u00edficos mediante la consola. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante leer cualquier archivo o restablecer la contrase\u00f1a de habilitaci\u00f3n"
}
],
"id": "CVE-2022-20864",
"lastModified": "2024-11-21T06:43:42.610",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-10T21:15:10.207",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-538"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}