Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0772
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Cisco | Crosswork NSO | Crosswork NSO versions 6.1.x antérieures à 6.1.9 | ||
| Cisco | Routed Passive Optical Network Controller | Routed Passive Optical Network Controller versions antérieures à 24.4.1 | ||
| Cisco | IOS XR | IOS XR versions postérieures à 24.1.x et antérieures à 24.2.2 | ||
| Cisco | Crosswork NSO | Crosswork NSO versions 6.2.x antérieures à 6.2.3 | ||
| Cisco | IOS XR | IOS XR versions 24.4.x antérieures à 24.4.1 | ||
| Cisco | Crosswork NSO | Crosswork NSO versions 5.8.x antérieures à 5.8.13.1 | ||
| Cisco | ConfD | ConfD versions 7.7.x antérieures à 7.7.16 | ||
| Cisco | Crosswork NSO | Crosswork NSO versions 5.5.x antérieures à 5.5.10.1 | ||
| Cisco | ConfD | ConfD versions 7.5.x antérieures à 7.5.10.2 | ||
| Cisco | Crosswork NSO | Crosswork NSO versions 6.0.x antérieures à 6.0.13 | ||
| Cisco | Crosswork NSO | Crosswork NSO versions 5.7.x antérieures à 5.7.16 | ||
| Cisco | IOS XR | IOS XR versions postérieures à 7.10.x antérieures à 7.11.21 | ||
| Cisco | Crosswork NSO | Crosswork NSO versions 5.6.x antérieures à 5.6.14.3 | ||
| Cisco | ConfD | ConfD versions 8.0.x antérieures à 8.0.13 | ||
| Cisco | Optical Site Manager | Optical Site Manager versions antérieures à 24.3.1 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Crosswork NSO versions 6.1.x ant\u00e9rieures \u00e0 6.1.9",
"product": {
"name": "Crosswork NSO",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Routed Passive Optical Network Controller versions ant\u00e9rieures \u00e0 24.4.1",
"product": {
"name": "Routed Passive Optical Network Controller",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "IOS XR versions post\u00e9rieures \u00e0 24.1.x et ant\u00e9rieures \u00e0 24.2.2 ",
"product": {
"name": "IOS XR",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Crosswork NSO versions 6.2.x ant\u00e9rieures \u00e0 6.2.3",
"product": {
"name": "Crosswork NSO",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "IOS XR versions 24.4.x ant\u00e9rieures \u00e0 24.4.1",
"product": {
"name": "IOS XR",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Crosswork NSO versions 5.8.x ant\u00e9rieures \u00e0 5.8.13.1",
"product": {
"name": "Crosswork NSO",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "ConfD versions 7.7.x ant\u00e9rieures \u00e0 7.7.16",
"product": {
"name": "ConfD",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Crosswork NSO versions 5.5.x ant\u00e9rieures \u00e0 5.5.10.1",
"product": {
"name": "Crosswork NSO",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "ConfD versions 7.5.x ant\u00e9rieures \u00e0 7.5.10.2",
"product": {
"name": "ConfD",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Crosswork NSO versions 6.0.x ant\u00e9rieures \u00e0 6.0.13",
"product": {
"name": "Crosswork NSO",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Crosswork NSO versions 5.7.x ant\u00e9rieures \u00e0 5.7.16",
"product": {
"name": "Crosswork NSO",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "IOS XR versions post\u00e9rieures \u00e0 7.10.x ant\u00e9rieures \u00e0 7.11.21",
"product": {
"name": "IOS XR",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Crosswork NSO versions 5.6.x ant\u00e9rieures \u00e0 5.6.14.3",
"product": {
"name": "Crosswork NSO",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "ConfD versions 8.0.x ant\u00e9rieures \u00e0 8.0.13",
"product": {
"name": "ConfD",
"vendor": {
"name": "Cisco",
"scada": false
}
}
},
{
"description": "Optical Site Manager versions ant\u00e9rieures \u00e0 24.3.1",
"product": {
"name": "Optical Site Manager",
"vendor": {
"name": "Cisco",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-20406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20406"
},
{
"name": "CVE-2024-20483",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20483"
},
{
"name": "CVE-2024-20317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20317"
},
{
"name": "CVE-2024-20489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20489"
},
{
"name": "CVE-2024-20398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20398"
},
{
"name": "CVE-2024-20381",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20381"
},
{
"name": "CVE-2024-20304",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20304"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0772",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": "2024-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-nso-auth-bypass-QnTEesp",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp"
},
{
"published_at": "2024-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxr-ponctlr-ci-OHcHmsFL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ponctlr-ci-OHcHmsFL"
},
{
"published_at": "2024-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-isis-xehpbVNe",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-xehpbVNe"
},
{
"published_at": "2024-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-l2services-2mvHdNuC",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-l2services-2mvHdNuC"
},
{
"published_at": "2024-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxr-priv-esc-CrG5vhCq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-CrG5vhCq"
},
{
"published_at": "2024-09-11",
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-pak-mem-exhst-3ke9FeFy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pak-mem-exhst-3ke9FeFy"
}
]
}
CVE-2024-20489 (GCVE-0-2024-20489)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:39 – Updated: 2024-09-11 20:12
VLAI?
EPSS
Summary
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.
This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials.
Severity ?
8.4 (High)
CWE
- CWE-256 - Unprotected Storage of Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
24.1.1
Affected: 24.2.1 Affected: 24.1.2 Affected: 24.2.11 Affected: 24.3.1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xr",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
},
{
"status": "affected",
"version": "24.3.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T20:04:09.480088Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T20:12:26.719Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
},
{
"status": "affected",
"version": "24.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials.\r\n\r\nThis vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vulnerability by accessing the configuration files on an affected system. A successful exploit could allow the attacker to view MongoDB credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-256",
"description": "Unprotected Storage of Credentials",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:39:06.449Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-iosxr-ponctlr-ci-OHcHmsFL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ponctlr-ci-OHcHmsFL"
}
],
"source": {
"advisory": "cisco-sa-iosxr-ponctlr-ci-OHcHmsFL",
"defects": [
"CSCwi81017"
],
"discovery": "INTERNAL"
},
"title": "Cisco Routed Passive Optical Network Cleartext Password Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20489",
"datePublished": "2024-09-11T16:39:06.449Z",
"dateReserved": "2023-11-08T15:08:07.685Z",
"dateUpdated": "2024-09-11T20:12:26.719Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20381 (GCVE-0-2024-20381)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:38 – Updated: 2024-09-27 13:58
VLAI?
EPSS
Summary
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.
This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.
Severity ?
8.8 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
6.5.3
Affected: 6.5.29 Affected: 6.5.1 Affected: 6.6.1 Affected: 6.5.2 Affected: 6.5.92 Affected: 6.5.15 Affected: 6.6.2 Affected: 7.0.1 Affected: 6.6.25 Affected: 6.5.26 Affected: 6.6.11 Affected: 6.5.25 Affected: 6.5.28 Affected: 6.5.93 Affected: 6.6.12 Affected: 6.5.90 Affected: 7.0.0 Affected: 7.1.1 Affected: 7.0.90 Affected: 6.6.3 Affected: 6.7.1 Affected: 7.0.2 Affected: 7.1.15 Affected: 7.2.0 Affected: 7.2.1 Affected: 7.1.2 Affected: 6.7.2 Affected: 7.0.11 Affected: 7.0.12 Affected: 7.0.14 Affected: 7.1.25 Affected: 6.6.4 Affected: 7.2.12 Affected: 7.3.1 Affected: 7.1.3 Affected: 6.7.3 Affected: 7.4.1 Affected: 7.2.2 Affected: 6.7.4 Affected: 6.5.31 Affected: 7.3.15 Affected: 7.3.16 Affected: 6.8.1 Affected: 7.4.15 Affected: 6.5.32 Affected: 7.3.2 Affected: 7.5.1 Affected: 7.4.16 Affected: 7.3.27 Affected: 7.6.1 Affected: 7.5.2 Affected: 7.8.1 Affected: 7.6.15 Affected: 7.5.12 Affected: 7.8.12 Affected: 7.3.3 Affected: 7.7.1 Affected: 6.8.2 Affected: 7.3.4 Affected: 7.4.2 Affected: 6.7.35 Affected: 6.9.1 Affected: 7.6.2 Affected: 7.5.3 Affected: 7.7.2 Affected: 6.9.2 Affected: 7.9.1 Affected: 7.10.1 Affected: 7.8.2 Affected: 7.5.4 Affected: 6.5.33 Affected: 7.8.22 Affected: 7.7.21 Affected: 7.9.2 Affected: 7.3.5 Affected: 7.5.5 Affected: 7.11.1 Affected: 7.9.21 Affected: 7.10.2 Affected: 24.1.1 Affected: 7.6.3 Affected: 7.3.6 Affected: 7.5.52 Affected: 7.11.2 Affected: 24.2.1 Affected: 24.1.2 Affected: 24.2.11 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "network_services_orchestrator",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "5.4.1"
},
{
"status": "affected",
"version": "5.3.1"
}
]
},
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "1.0.01.17"
},
{
"status": "affected",
"version": "1.0.03.17"
}
]
},
{
"cpes": [
"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xr",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "6.5.3"
},
{
"status": "affected",
"version": "6.5.29"
},
{
"status": "affected",
"version": "6.5.1"
},
{
"status": "affected",
"version": "6.6.1"
},
{
"status": "affected",
"version": "6.5.2"
},
{
"status": "affected",
"version": "6.5.92"
},
{
"status": "affected",
"version": "6.5.15"
},
{
"status": "affected",
"version": "6.6.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.6.25"
},
{
"status": "affected",
"version": "6.5.28"
},
{
"status": "affected",
"version": "6.5.93"
},
{
"status": "affected",
"version": "6.6.12"
},
{
"status": "affected",
"version": "6.5.90"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.0.90"
},
{
"status": "affected",
"version": "6.6.3"
},
{
"status": "affected",
"version": "6.7.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.1.15"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "6.7.2"
},
{
"status": "affected",
"version": "7.0.11"
},
{
"status": "affected",
"version": "7.0.12"
},
{
"status": "affected",
"version": "7.0.14"
},
{
"status": "affected",
"version": "7.1.25"
},
{
"status": "affected",
"version": "6.6.4"
},
{
"status": "affected",
"version": "7.2.12"
},
{
"status": "affected",
"version": "7.3.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20381",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T03:55:16.289362Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T13:58:21.912Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.5.3"
},
{
"status": "affected",
"version": "6.5.29"
},
{
"status": "affected",
"version": "6.5.1"
},
{
"status": "affected",
"version": "6.6.1"
},
{
"status": "affected",
"version": "6.5.2"
},
{
"status": "affected",
"version": "6.5.92"
},
{
"status": "affected",
"version": "6.5.15"
},
{
"status": "affected",
"version": "6.6.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.6.25"
},
{
"status": "affected",
"version": "6.5.26"
},
{
"status": "affected",
"version": "6.6.11"
},
{
"status": "affected",
"version": "6.5.25"
},
{
"status": "affected",
"version": "6.5.28"
},
{
"status": "affected",
"version": "6.5.93"
},
{
"status": "affected",
"version": "6.6.12"
},
{
"status": "affected",
"version": "6.5.90"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.0.90"
},
{
"status": "affected",
"version": "6.6.3"
},
{
"status": "affected",
"version": "6.7.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.1.15"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "6.7.2"
},
{
"status": "affected",
"version": "7.0.11"
},
{
"status": "affected",
"version": "7.0.12"
},
{
"status": "affected",
"version": "7.0.14"
},
{
"status": "affected",
"version": "7.1.25"
},
{
"status": "affected",
"version": "6.6.4"
},
{
"status": "affected",
"version": "7.2.12"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "6.7.3"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "6.7.4"
},
{
"status": "affected",
"version": "6.5.31"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.3.16"
},
{
"status": "affected",
"version": "6.8.1"
},
{
"status": "affected",
"version": "7.4.15"
},
{
"status": "affected",
"version": "6.5.32"
},
{
"status": "affected",
"version": "7.3.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.4.16"
},
{
"status": "affected",
"version": "7.3.27"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.6.15"
},
{
"status": "affected",
"version": "7.5.12"
},
{
"status": "affected",
"version": "7.8.12"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "6.8.2"
},
{
"status": "affected",
"version": "7.3.4"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "6.7.35"
},
{
"status": "affected",
"version": "6.9.1"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "6.9.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.10.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "6.5.33"
},
{
"status": "affected",
"version": "7.8.22"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.11.1"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.2"
},
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "7.6.3"
},
{
"status": "affected",
"version": "7.3.6"
},
{
"status": "affected",
"version": "7.5.52"
},
{
"status": "affected",
"version": "7.11.2"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Network Services Orchestrator",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "5.4.1"
},
{
"status": "affected",
"version": "5.3.1"
},
{
"status": "affected",
"version": "4.4.1"
},
{
"status": "affected",
"version": "5.2.1.1"
},
{
"status": "affected",
"version": "5.4.0.1"
},
{
"status": "affected",
"version": "4.7.1"
},
{
"status": "affected",
"version": "5.2.0.3"
},
{
"status": "affected",
"version": "5.2.1"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.4"
},
{
"status": "affected",
"version": "4.5.1"
},
{
"status": "affected",
"version": "5.4.0.2"
},
{
"status": "affected",
"version": "4.7.3"
},
{
"status": "affected",
"version": "5.2.0.4"
},
{
"status": "affected",
"version": "5.1.1.1"
},
{
"status": "affected",
"version": "5.1.1.3"
},
{
"status": "affected",
"version": "5.2.3.2"
},
{
"status": "affected",
"version": "5.4.1.1"
},
{
"status": "affected",
"version": "5.5"
},
{
"status": "affected",
"version": "5.4.2"
},
{
"status": "affected",
"version": "5.5.1"
},
{
"status": "affected",
"version": "5.4.3"
},
{
"status": "affected",
"version": "5.4.3.1"
},
{
"status": "affected",
"version": "5.5.2"
},
{
"status": "affected",
"version": "5.3.4.3"
},
{
"status": "affected",
"version": "5.5.2.1"
},
{
"status": "affected",
"version": "5.5.2.2"
},
{
"status": "affected",
"version": "5.4.3.2"
},
{
"status": "affected",
"version": "5.5.2.3"
},
{
"status": "affected",
"version": "5.4.4"
},
{
"status": "affected",
"version": "5.4.4.1"
},
{
"status": "affected",
"version": "5.5.2.4"
},
{
"status": "affected",
"version": "5.5.2.5"
},
{
"status": "affected",
"version": "5.5.2.6"
},
{
"status": "affected",
"version": "5.4.4.2"
},
{
"status": "affected",
"version": "5.4.3.3"
},
{
"status": "affected",
"version": "5.5.2.7"
},
{
"status": "affected",
"version": "5.5.2.8"
},
{
"status": "affected",
"version": "5.4.3.4"
},
{
"status": "affected",
"version": "5.4.4.3"
},
{
"status": "affected",
"version": "5.6"
},
{
"status": "affected",
"version": "5.5.2.9"
},
{
"status": "affected",
"version": "5.5.3"
},
{
"status": "affected",
"version": "5.5.2.10"
},
{
"status": "affected",
"version": "5.6.1"
},
{
"status": "affected",
"version": "5.5.2.11"
},
{
"status": "affected",
"version": "5.6.2"
},
{
"status": "affected",
"version": "5.5.3.1"
},
{
"status": "affected",
"version": "5.4.5"
},
{
"status": "affected",
"version": "5.4.5.1"
},
{
"status": "affected",
"version": "5.5.4"
},
{
"status": "affected",
"version": "5.6.3"
},
{
"status": "affected",
"version": "5.5.4.1"
},
{
"status": "affected",
"version": "5.7"
},
{
"status": "affected",
"version": "5.5.2.12"
},
{
"status": "affected",
"version": "5.4.2.1"
},
{
"status": "affected",
"version": "5.6.3.1"
},
{
"status": "affected",
"version": "5.4.5.2"
},
{
"status": "affected",
"version": "5.7.1"
},
{
"status": "affected",
"version": "5.7.1.1"
},
{
"status": "affected",
"version": "5.6.4"
},
{
"status": "affected",
"version": "5.4.2.2"
},
{
"status": "affected",
"version": "5.4.6"
},
{
"status": "affected",
"version": "5.7.2"
},
{
"status": "affected",
"version": "5.7.2.1"
},
{
"status": "affected",
"version": "5.6.5"
},
{
"status": "affected",
"version": "5.5.5"
},
{
"status": "affected",
"version": "5.7.3"
},
{
"status": "affected",
"version": "5.8"
},
{
"status": "affected",
"version": "5.6.6.1"
},
{
"status": "affected",
"version": "5.7.5.1"
},
{
"status": "affected",
"version": "5.6.7.1"
},
{
"status": "affected",
"version": "5.6.7"
},
{
"status": "affected",
"version": "5.5.6.1"
},
{
"status": "affected",
"version": "5.8.1"
},
{
"status": "affected",
"version": "5.6.6"
},
{
"status": "affected",
"version": "5.4.7"
},
{
"status": "affected",
"version": "5.8.2.1"
},
{
"status": "affected",
"version": "5.7.5"
},
{
"status": "affected",
"version": "5.7.4"
},
{
"status": "affected",
"version": "5.8.2"
},
{
"status": "affected",
"version": "5.5.6"
},
{
"status": "affected",
"version": "5.6.7.2"
},
{
"status": "affected",
"version": "5.7.6"
},
{
"status": "affected",
"version": "5.7.6.1"
},
{
"status": "affected",
"version": "5.8.3"
},
{
"status": "affected",
"version": "5.6.8"
},
{
"status": "affected",
"version": "5.7.6.2"
},
{
"status": "affected",
"version": "5.8.4"
},
{
"status": "affected",
"version": "5.5.7"
},
{
"status": "affected",
"version": "5.7.7"
},
{
"status": "affected",
"version": "5.6.9"
},
{
"status": "affected",
"version": "5.6.8.1"
},
{
"status": "affected",
"version": "5.8.5"
},
{
"status": "affected",
"version": "5.5.8"
},
{
"status": "affected",
"version": "5.7.8"
},
{
"status": "affected",
"version": "5.4.7.1"
},
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "5.7.8.1"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "5.6.10"
},
{
"status": "affected",
"version": "5.8.6"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "5.7.9"
},
{
"status": "affected",
"version": "5.5.9"
},
{
"status": "affected",
"version": "5.6.11"
},
{
"status": "affected",
"version": "5.8.7"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "5.7.10"
},
{
"status": "affected",
"version": "5.6.12"
},
{
"status": "affected",
"version": "5.8.8"
},
{
"status": "affected",
"version": "6.0.4"
},
{
"status": "affected",
"version": "5.5.10"
},
{
"status": "affected",
"version": "5.7.10.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "5.7.6.3"
},
{
"status": "affected",
"version": "5.7.11"
},
{
"status": "affected",
"version": "6.0.5"
},
{
"status": "affected",
"version": "5.6.13"
},
{
"status": "affected",
"version": "5.8.9"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "5.7.10.2"
},
{
"status": "affected",
"version": "6.0.6"
},
{
"status": "affected",
"version": "5.7.12"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "5.6.14"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "5.8.10"
},
{
"status": "affected",
"version": "6.0.7"
},
{
"status": "affected",
"version": "6.1.3"
},
{
"status": "affected",
"version": "5.7.13"
},
{
"status": "affected",
"version": "5.8.11"
},
{
"status": "affected",
"version": "6.1.3.1"
},
{
"status": "affected",
"version": "6.0.8"
},
{
"status": "affected",
"version": "6.1.4"
},
{
"status": "affected",
"version": "5.6.14.1"
},
{
"status": "affected",
"version": "5.8.12"
},
{
"status": "affected",
"version": "6.0.9"
},
{
"status": "affected",
"version": "6.1.5"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "5.8.13"
},
{
"status": "affected",
"version": "5.7.14"
},
{
"status": "affected",
"version": "6.0.10"
},
{
"status": "affected",
"version": "6.1.6"
},
{
"status": "affected",
"version": "6.1.6.1"
},
{
"status": "affected",
"version": "6.0.11"
},
{
"status": "affected",
"version": "6.1.7"
},
{
"status": "affected",
"version": "6.2.2"
},
{
"status": "affected",
"version": "5.7.15"
},
{
"status": "affected",
"version": "6.1.3.2"
},
{
"status": "affected",
"version": "6.1.7.1"
},
{
"status": "affected",
"version": "6.0.12"
},
{
"status": "affected",
"version": "6.1.8"
},
{
"status": "affected",
"version": "5.7.9.1"
},
{
"status": "affected",
"version": "5.7.15.1"
},
{
"status": "affected",
"version": "6.1.10"
},
{
"status": "affected",
"version": "6.1.11"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "6.1.11.1"
},
{
"status": "affected",
"version": "6.1.11.2"
},
{
"status": "affected",
"version": "5.7.17"
},
{
"status": "affected",
"version": "6.1.12"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.01.17"
},
{
"status": "affected",
"version": "1.0.03.17"
},
{
"status": "affected",
"version": "1.0.01.16"
},
{
"status": "affected",
"version": "1.0.01.18"
},
{
"status": "affected",
"version": "1.0.00.29"
},
{
"status": "affected",
"version": "1.0.03.16"
},
{
"status": "affected",
"version": "1.0.03.15"
},
{
"status": "affected",
"version": "1.0.02.16"
},
{
"status": "affected",
"version": "1.0.01.20"
},
{
"status": "affected",
"version": "1.0.00.33"
},
{
"status": "affected",
"version": "1.0.03.18"
},
{
"status": "affected",
"version": "1.0.03.19"
},
{
"status": "affected",
"version": "1.0.03.20"
},
{
"status": "affected",
"version": "1.0.03.21"
},
{
"status": "affected",
"version": "1.0.03.22"
},
{
"status": "affected",
"version": "1.0.03.24"
},
{
"status": "affected",
"version": "1.0.03.26"
},
{
"status": "affected",
"version": "1.0.03.27"
},
{
"status": "affected",
"version": "1.0.03.28"
},
{
"status": "affected",
"version": "1.0.03.29"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.\u0026nbsp;\r\n\r\nThis vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T16:24:52.271Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-nso-auth-bypass-QnTEesp",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-auth-bypass-QnTEesp"
}
],
"source": {
"advisory": "cisco-sa-nso-auth-bypass-QnTEesp",
"defects": [
"CSCwj26769"
],
"discovery": "INTERNAL"
},
"title": "Cisco Network Services Orchestrator Configuration Update Authorization Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20381",
"datePublished": "2024-09-11T16:38:42.096Z",
"dateReserved": "2023-11-08T15:08:07.656Z",
"dateUpdated": "2024-09-27T13:58:21.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20304 (GCVE-0-2024-20304)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:39 – Updated: 2024-09-11 20:11
VLAI?
EPSS
Summary
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device.
This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to exhaust the incoming UDP packet memory. The affected device would not be able to process higher-level UDP-based protocols packets, possibly causing a denial of service (DoS) condition.
Note: This vulnerability can be exploited using IPv4 or IPv6.
Severity ?
8.6 (High)
CWE
- CWE-401 - Missing Release of Memory after Effective Lifetime
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
7.8.1
Affected: 7.8.12 Affected: 7.7.1 Affected: 7.7.2 Affected: 7.9.1 Affected: 7.10.1 Affected: 7.8.2 Affected: 7.8.22 Affected: 7.7.21 Affected: 7.9.2 Affected: 7.11.1 Affected: 7.9.21 Affected: 7.10.2 Affected: 24.1.1 Affected: 7.11.2 Affected: 24.2.1 Affected: 24.1.2 Affected: 24.2.11 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xr",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.8.12"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.10.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.8.22"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.11.1"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.2"
},
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "7.11.2"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T20:05:37.476896Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T20:11:14.196Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.8.12"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.10.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.8.22"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.11.1"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.2"
},
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "7.11.2"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device.\r\n\r\nThis vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to exhaust the incoming UDP packet memory. The affected device would not be able to process higher-level UDP-based protocols packets, possibly causing a denial of service (DoS) condition.\r\nNote: This vulnerability can be exploited using IPv4 or IPv6."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:39:54.503Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pak-mem-exhst-3ke9FeFy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pak-mem-exhst-3ke9FeFy"
}
],
"source": {
"advisory": "cisco-sa-pak-mem-exhst-3ke9FeFy",
"defects": [
"CSCwk63828"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IOS XR Software Packet Memory Exhaustion Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20304",
"datePublished": "2024-09-11T16:39:54.503Z",
"dateReserved": "2023-11-08T15:08:07.630Z",
"dateUpdated": "2024-09-11T20:11:14.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20406 (GCVE-0-2024-20406)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:38 – Updated: 2024-09-11 20:38
VLAI?
EPSS
Summary
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition.
Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type.
Severity ?
7.4 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
7.4.1
Affected: 6.8.1 Affected: 7.4.15 Affected: 7.5.1 Affected: 7.4.16 Affected: 7.6.1 Affected: 7.5.2 Affected: 7.8.1 Affected: 7.6.15 Affected: 7.5.12 Affected: 7.7.1 Affected: 6.8.2 Affected: 7.4.2 Affected: 6.9.1 Affected: 7.6.2 Affected: 7.5.3 Affected: 7.7.2 Affected: 6.9.2 Affected: 7.9.1 Affected: 7.10.1 Affected: 7.8.2 Affected: 7.5.4 Affected: 7.8.22 Affected: 7.7.21 Affected: 7.9.2 Affected: 7.5.5 Affected: 7.11.1 Affected: 7.9.21 Affected: 7.10.2 Affected: 7.6.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20406",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T20:38:32.503942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T20:38:41.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "6.8.1"
},
{
"status": "affected",
"version": "7.4.15"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.4.16"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.6.15"
},
{
"status": "affected",
"version": "7.5.12"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "6.8.2"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "6.9.1"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "6.9.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.10.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.8.22"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.11.1"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.2"
},
{
"status": "affected",
"version": "7.6.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition.\r\nNote: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:38:50.133Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-isis-xehpbVNe",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-xehpbVNe"
}
],
"source": {
"advisory": "cisco-sa-isis-xehpbVNe",
"defects": [
"CSCwi39542"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20406",
"datePublished": "2024-09-11T16:38:50.133Z",
"dateReserved": "2023-11-08T15:08:07.661Z",
"dateUpdated": "2024-09-11T20:38:41.758Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20317 (GCVE-0-2024-20317)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:38 – Updated: 2024-09-11 20:38
VLAI?
EPSS
Summary
A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition.
This vulnerability is due to incorrect classification of certain types of Ethernet frames that are received on an interface. An attacker could exploit this vulnerability by sending specific types of Ethernet frames to or through the affected device. A successful exploit could allow the attacker to cause control plane protocol relationships to fail, resulting in a DoS condition. For more information, see the section of this advisory.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Severity ?
7.4 (High)
CWE
- CWE-684 - Incorrect Provision of Specified Functionality
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
7.7.1
Affected: 7.8.1 Affected: 7.7.2 Affected: 7.9.1 Affected: 7.8.2 Affected: 7.8.22 Affected: 7.10.1 Affected: 7.7.21 Affected: 7.9.2 Affected: 7.9.21 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T20:37:33.903637Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T20:38:58.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.8.22"
},
{
"status": "affected",
"version": "7.10.1"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.9.21"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to incorrect classification of certain types of Ethernet frames that are received on an interface. An attacker could exploit this vulnerability by sending specific types of Ethernet frames to or through the affected device. A successful exploit could allow the attacker to cause control plane protocol relationships to fail, resulting in a DoS condition. For more information, see the section of this advisory.\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-684",
"description": "Incorrect Provision of Specified Functionality",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:38:33.082Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-l2services-2mvHdNuC",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-l2services-2mvHdNuC"
}
],
"source": {
"advisory": "cisco-sa-l2services-2mvHdNuC",
"defects": [
"CSCwh30122"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20317",
"datePublished": "2024-09-11T16:38:33.082Z",
"dateReserved": "2023-11-08T15:08:07.632Z",
"dateUpdated": "2024-09-11T20:38:58.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20398 (GCVE-0-2024-20398)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:38 – Updated: 2024-09-12 03:55
VLAI?
EPSS
Summary
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root.
Severity ?
8.8 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
6.5.3
Affected: 6.5.29 Affected: 6.5.1 Affected: 6.6.1 Affected: 6.5.2 Affected: 6.5.92 Affected: 6.5.15 Affected: 6.6.2 Affected: 7.0.1 Affected: 6.6.25 Affected: 6.5.26 Affected: 6.6.11 Affected: 6.5.25 Affected: 6.5.28 Affected: 6.5.93 Affected: 6.6.12 Affected: 6.5.90 Affected: 7.0.0 Affected: 7.1.1 Affected: 7.0.90 Affected: 6.6.3 Affected: 7.0.2 Affected: 7.1.15 Affected: 7.2.0 Affected: 7.2.1 Affected: 7.1.2 Affected: 7.0.11 Affected: 7.0.12 Affected: 7.0.14 Affected: 7.1.25 Affected: 6.6.4 Affected: 7.2.12 Affected: 7.3.1 Affected: 7.1.3 Affected: 7.4.1 Affected: 7.2.2 Affected: 6.5.31 Affected: 7.3.15 Affected: 7.3.16 Affected: 7.4.15 Affected: 6.5.32 Affected: 7.3.2 Affected: 7.5.1 Affected: 7.4.16 Affected: 7.3.27 Affected: 7.6.1 Affected: 7.5.2 Affected: 7.8.1 Affected: 7.6.15 Affected: 7.5.12 Affected: 7.8.12 Affected: 7.3.3 Affected: 7.7.1 Affected: 7.3.4 Affected: 7.4.2 Affected: 7.6.2 Affected: 7.5.3 Affected: 7.7.2 Affected: 7.9.1 Affected: 7.10.1 Affected: 7.8.2 Affected: 7.5.4 Affected: 6.5.33 Affected: 7.8.22 Affected: 7.7.21 Affected: 7.9.2 Affected: 7.3.5 Affected: 7.5.5 Affected: 7.11.1 Affected: 7.9.21 Affected: 7.10.2 Affected: 24.1.1 Affected: 7.6.3 Affected: 7.3.6 Affected: 7.5.52 Affected: 7.11.2 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:ios_xr_software:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xr_software",
"vendor": "cisco",
"versions": [
{
"lessThanOrEqual": "7.11.2",
"status": "affected",
"version": "6.5.3",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20398",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-12T03:55:39.920Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "6.5.3"
},
{
"status": "affected",
"version": "6.5.29"
},
{
"status": "affected",
"version": "6.5.1"
},
{
"status": "affected",
"version": "6.6.1"
},
{
"status": "affected",
"version": "6.5.2"
},
{
"status": "affected",
"version": "6.5.92"
},
{
"status": "affected",
"version": "6.5.15"
},
{
"status": "affected",
"version": "6.6.2"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "6.6.25"
},
{
"status": "affected",
"version": "6.5.26"
},
{
"status": "affected",
"version": "6.6.11"
},
{
"status": "affected",
"version": "6.5.25"
},
{
"status": "affected",
"version": "6.5.28"
},
{
"status": "affected",
"version": "6.5.93"
},
{
"status": "affected",
"version": "6.6.12"
},
{
"status": "affected",
"version": "6.5.90"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.0.90"
},
{
"status": "affected",
"version": "6.6.3"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.1.15"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.11"
},
{
"status": "affected",
"version": "7.0.12"
},
{
"status": "affected",
"version": "7.0.14"
},
{
"status": "affected",
"version": "7.1.25"
},
{
"status": "affected",
"version": "6.6.4"
},
{
"status": "affected",
"version": "7.2.12"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "6.5.31"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.3.16"
},
{
"status": "affected",
"version": "7.4.15"
},
{
"status": "affected",
"version": "6.5.32"
},
{
"status": "affected",
"version": "7.3.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.4.16"
},
{
"status": "affected",
"version": "7.3.27"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.6.15"
},
{
"status": "affected",
"version": "7.5.12"
},
{
"status": "affected",
"version": "7.8.12"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "7.3.4"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.10.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "6.5.33"
},
{
"status": "affected",
"version": "7.8.22"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.11.1"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.2"
},
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "7.6.3"
},
{
"status": "affected",
"version": "7.3.6"
},
{
"status": "affected",
"version": "7.5.52"
},
{
"status": "affected",
"version": "7.11.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:38:23.982Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-iosxr-priv-esc-CrG5vhCq",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-CrG5vhCq"
}
],
"source": {
"advisory": "cisco-sa-iosxr-priv-esc-CrG5vhCq",
"defects": [
"CSCwj25248"
],
"discovery": "EXTERNAL"
},
"title": "Cisco IOS XR Software Local Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20398",
"datePublished": "2024-09-11T16:38:23.982Z",
"dateReserved": "2023-11-08T15:08:07.660Z",
"dateUpdated": "2024-09-12T03:55:39.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20483 (GCVE-0-2024-20483)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:38 – Updated: 2024-09-20 03:55
VLAI?
EPSS
Summary
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager MongoDB instance to perform command injection attacks on the PON Controller container and execute arbitrary commands as root.
These vulnerabilities are due to insufficient validation of arguments that are passed to specific configuration commands. An attacker could exploit these vulnerabilities by including crafted input as the argument of an affected configuration command. A successful exploit could allow the attacker to execute arbitrary commands as root on the PON controller.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
24.1.1
Affected: 24.2.1 Affected: 24.1.2 Affected: 24.2.11 Affected: 24.3.1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ios_xr",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
},
{
"status": "affected",
"version": "24.3.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20483",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T03:55:21.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
},
{
"status": "affected",
"version": "24.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager MongoDB instance to perform command injection attacks on the PON Controller container and execute arbitrary commands as root.\r\n\r\nThese vulnerabilities are due to insufficient validation of arguments that are passed to specific configuration commands. An attacker could exploit these vulnerabilities by including crafted input as the argument of an affected configuration command. A successful exploit could allow the attacker to execute arbitrary commands as root on the PON controller."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:38:57.862Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-iosxr-ponctlr-ci-OHcHmsFL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ponctlr-ci-OHcHmsFL"
}
],
"source": {
"advisory": "cisco-sa-iosxr-ponctlr-ci-OHcHmsFL",
"defects": [
"CSCwi81011"
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XR PON Controller Command Injection Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20483",
"datePublished": "2024-09-11T16:38:57.862Z",
"dateReserved": "2023-11-08T15:08:07.684Z",
"dateUpdated": "2024-09-20T03:55:21.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…