fkie_nvd - fkie_cve-2020-3213

FKIE_CVE-2020-3213

Vulnerability from fkie_nvd - Published: 2020-06-03 18:15 - Updated: 2024-11-21 05:30

Severity ?

6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user.

References

	URL	Tags
	psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc3-GMgnGCHx	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc3-GMgnGCHx	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	ios_xe	3.8.0s
cisco	ios_xe	3.8.1s
cisco	ios_xe	3.8.2s
cisco	ios_xe	3.9.0as
cisco	ios_xe	3.9.0s
cisco	ios_xe	3.9.1as
cisco	ios_xe	3.9.1s
cisco	ios_xe	3.9.2s
cisco	ios_xe	3.10.0s
cisco	ios_xe	3.10.1s
cisco	ios_xe	3.10.2as
cisco	ios_xe	3.10.2s
cisco	ios_xe	3.10.2ts
cisco	ios_xe	3.10.3s
cisco	ios_xe	3.10.4s
cisco	ios_xe	3.10.5s
cisco	ios_xe	3.10.6s
cisco	ios_xe	3.10.7s
cisco	ios_xe	3.10.8as
cisco	ios_xe	3.10.8s
cisco	ios_xe	3.10.9s
cisco	ios_xe	3.10.10s
cisco	ios_xe	3.11.0s
cisco	ios_xe	3.11.1s
cisco	ios_xe	3.11.2s
cisco	ios_xe	3.11.3s
cisco	ios_xe	3.11.4s
cisco	ios_xe	3.12.0as
cisco	ios_xe	3.12.0s
cisco	ios_xe	3.12.1s
cisco	ios_xe	3.12.2s
cisco	ios_xe	3.12.3s
cisco	ios_xe	3.12.4s
cisco	ios_xe	3.13.0as
cisco	ios_xe	3.13.0s
cisco	ios_xe	3.13.1s
cisco	ios_xe	3.13.2as
cisco	ios_xe	3.13.2s
cisco	ios_xe	3.13.3s
cisco	ios_xe	3.13.4s
cisco	ios_xe	3.13.5as
cisco	ios_xe	3.13.5s
cisco	ios_xe	3.13.6as
cisco	ios_xe	3.13.6bs
cisco	ios_xe	3.13.6s
cisco	ios_xe	3.13.7as
cisco	ios_xe	3.13.7s
cisco	ios_xe	3.13.8s
cisco	ios_xe	3.13.9s
cisco	ios_xe	3.13.10s
cisco	ios_xe	3.14.0s
cisco	ios_xe	3.14.1s
cisco	ios_xe	3.14.2s
cisco	ios_xe	3.14.3s
cisco	ios_xe	3.14.4s
cisco	ios_xe	3.15.0s
cisco	ios_xe	3.15.1cs
cisco	ios_xe	3.15.1s
cisco	ios_xe	3.15.2s
cisco	ios_xe	3.15.3s
cisco	ios_xe	3.15.4s
cisco	ios_xe	3.16.0as
cisco	ios_xe	3.16.0bs
cisco	ios_xe	3.16.0cs
cisco	ios_xe	3.16.0s
cisco	ios_xe	3.16.1as
cisco	ios_xe	3.16.2as
cisco	ios_xe	3.16.2bs
cisco	ios_xe	3.16.2s
cisco	ios_xe	3.16.3as
cisco	ios_xe	3.16.3s
cisco	ios_xe	3.16.4as
cisco	ios_xe	3.16.4bs
cisco	ios_xe	3.16.4cs
cisco	ios_xe	3.16.4ds
cisco	ios_xe	3.16.4es
cisco	ios_xe	3.16.4gs
cisco	ios_xe	3.16.4s
cisco	ios_xe	3.16.5as
cisco	ios_xe	3.16.5bs
cisco	ios_xe	3.16.5s
cisco	ios_xe	3.16.6bs
cisco	ios_xe	3.16.6s
cisco	ios_xe	3.16.7as
cisco	ios_xe	3.16.7bs
cisco	ios_xe	3.16.7s
cisco	ios_xe	3.16.8s
cisco	ios_xe	3.16.9s
cisco	ios_xe	3.16.10s
cisco	ios_xe	3.17.0s
cisco	ios_xe	3.17.1as
cisco	ios_xe	3.17.1s
cisco	ios_xe	3.17.2s
cisco	ios_xe	3.17.3s
cisco	ios_xe	3.17.4s
cisco	ios_xe	3.18.0s
cisco	ios_xe	3.18.0sp
cisco	ios_xe	3.18.1bsp
cisco	ios_xe	3.18.1csp
cisco	ios_xe	3.18.1gsp
cisco	ios_xe	3.18.1hsp
cisco	ios_xe	3.18.1isp
cisco	ios_xe	3.18.1s
cisco	ios_xe	3.18.1sp
cisco	ios_xe	3.18.2s
cisco	ios_xe	3.18.2sp
cisco	ios_xe	3.18.3s
cisco	ios_xe	3.18.3sp
cisco	ios_xe	3.18.4s
cisco	ios_xe	3.18.4sp
cisco	ios_xe	3.18.5sp
cisco	ios_xe	3.18.6sp
cisco	ios_xe	3.18.7sp
cisco	ios_xe	3.18.8sp
cisco	ios_xe	16.1.1
cisco	ios_xe	16.1.2
cisco	ios_xe	16.1.3
cisco	ios_xe	16.2.1
cisco	ios_xe	16.2.2
cisco	ios_xe	16.3.1
cisco	ios_xe	16.3.1a
cisco	ios_xe	16.3.2
cisco	ios_xe	16.3.3
cisco	ios_xe	16.3.4
cisco	ios_xe	16.3.5
cisco	ios_xe	16.3.5b
cisco	ios_xe	16.3.6
cisco	ios_xe	16.3.7
cisco	ios_xe	16.3.8
cisco	ios_xe	16.3.9
cisco	ios_xe	16.4.1
cisco	ios_xe	16.4.2
cisco	ios_xe	16.4.3
cisco	ios_xe	16.5.1
cisco	ios_xe	16.5.1a
cisco	ios_xe	16.5.1b
cisco	ios_xe	16.5.2
cisco	ios_xe	16.5.3
cisco	ios_xe	16.6.1
cisco	ios_xe	16.6.2
cisco	ios_xe	16.6.3
cisco	ios_xe	16.6.4
cisco	ios_xe	16.6.4a
cisco	ios_xe	16.6.4s
cisco	ios_xe	16.6.5
cisco	ios_xe	16.6.5a
cisco	ios_xe	16.6.5b
cisco	ios_xe	16.6.6
cisco	ios_xe	16.6.7
cisco	ios_xe	16.6.7a
cisco	ios_xe	16.7.1
cisco	ios_xe	16.7.2
cisco	ios_xe	16.7.3
cisco	ios_xe	16.8.1
cisco	ios_xe	16.8.1a
cisco	ios_xe	16.8.1b
cisco	ios_xe	16.8.1c
cisco	ios_xe	16.8.1s
cisco	ios_xe	16.8.2
cisco	ios_xe	16.8.3
cisco	ios_xe	16.9.1
cisco	ios_xe	16.9.1a
cisco	ios_xe	16.9.1b
cisco	ios_xe	16.9.1c
cisco	ios_xe	16.9.1d
cisco	ios_xe	16.9.1s
cisco	ios_xe	16.9.2
cisco	ios_xe	16.9.2a
cisco	ios_xe	16.9.2s
cisco	ios_xe	16.9.3
cisco	ios_xe	16.9.3a
cisco	ios_xe	16.9.3h
cisco	ios_xe	16.9.3s
cisco	ios_xe	16.9.4
cisco	ios_xe	16.9.4c
cisco	ios_xe	16.10.1
cisco	ios_xe	16.10.1a
cisco	ios_xe	16.10.1b
cisco	ios_xe	16.10.1e
cisco	ios_xe	16.10.1s
cisco	ios_xe	16.10.2
cisco	ios_xe	16.11.1
cisco	ios_xe	16.11.1a
cisco	ios_xe	16.11.1b
cisco	ios_xe	16.11.1c
cisco	ios_xe	16.11.1s
cisco	ios_xe	16.11.2
cisco	ios_xe	16.12.1
cisco	ios_xe	16.12.1a
cisco	ios_xe	16.12.1c
cisco	ios_xe	16.12.1s
cisco	ios_xe	16.12.1t

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2835C64E-808F-4A6C-B245-7A9996FAFE3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1040AF-A087-4791-BFC3-36CA3F3208E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F95B900-12A3-4488-BB50-20C972BEE169",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0as:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC3B6D68-DA31-45EB-ACFD-AE703B2FA2D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "94227B25-5C86-453C-9DC8-A8201C1D1FEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1as:*:*:*:*:*:*:*",
              "matchCriteriaId": "6352A220-8F3E-4E08-8DD3-50E366434333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "10F278DC-5102-4A18-9C72-E8FEEDCC5729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "513675B5-D62C-442D-8754-DC4F221942B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D9F45C-E71F-4425-A0C7-DFFEEC93C152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "26FB3B1A-FB8C-4371-A6D2-AB83ECF17F96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2as:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D12F65A-5B43-4612-8788-B697567C0B15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A005E0C-A744-4AFA-A1D1-2E3228E093FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.2ts:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED25B1B-C47A-45E9-8235-081550FB0AD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "86B7EC67-B431-4284-8781-9090D134B781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "3598539F-0EEB-45D6-8BA5-A2A3F69D556C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF349D4-BF1C-4127-B6FA-7AD379F62A3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ABE123-BBA5-46CD-8578-4A1F3CB8BA08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.7s:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD674BF9-16F6-4817-9ADE-564A402A5F06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.8as:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4142E2-B8A8-4E78-B4ED-52F63C43C6F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.8s:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7DA3731-E719-4DB7-9783-1C00481141EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.9s:*:*:*:*:*:*:*",
              "matchCriteriaId": "483A3F03-F5CC-45BD-AEB7-83E23601BB22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.10.10s:*:*:*:*:*:*:*",
              "matchCriteriaId": "1692889D-BD16-41C6-A226-A9BAF6F64603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DAC081C-9A22-4CBC-A9D0-DD9995801791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.11.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "F43F819E-3072-430F-8C52-B43FF28D4687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "C80F59A9-C1EF-4E9B-B204-1EEC7FDF65BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "09A930B7-7B9B-426E-A296-9F29F4A03F5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "309952D7-B220-4678-A16D-AA5FF005F782",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.12.0as:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C5FC5B-BE2E-4BAC-AC23-58666BDEB553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "503EFE9E-C238-46BA-8CA3-DE8D5DDB9A2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6EC8B17-6EC2-47AF-818D-1DFBDA612FB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "278ACF0A-949B-486D-8F6C-ADC2AF25FC17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A30BA4-D760-4321-AAC8-04093AAAEA3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "42616EA2-DDCF-4B57-BF2A-37968C82DDC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.0as:*:*:*:*:*:*:*",
              "matchCriteriaId": "246251E8-7D4E-4CD4-8D4F-BF360780FA36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F35F75-75E8-4A20-94C4-5908E404C8CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C01C1D8-A191-45B7-A6C5-EE225F05A49E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.2as:*:*:*:*:*:*:*",
              "matchCriteriaId": "16D7ACF1-6A30-4D6E-AA69-D2F365E2791C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E50FF89-8E71-4EA0-9AEC-2F800ED9D995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F6E9386-30B4-4E86-9676-E7E005274048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E70C455-E41C-4B17-847A-5F4281139252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.5as:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DD0A60B-6848-4B9A-B11D-2C2952D2D48C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.5s:*:*:*:*:*:*:*",
              "matchCriteriaId": "64A07329-3A7D-4483-AE69-4786FEB23D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.6as:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84E4463-DB0F-4B06-B403-B3606B386F02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.6bs:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08D377F-EBEC-4234-8628-2CFD04E43CB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.6s:*:*:*:*:*:*:*",
              "matchCriteriaId": "665ACEAC-AE81-40F7-8A01-E8DB9DD7DD7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.7as:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAE50185-23ED-4640-9037-E45810793C85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.7s:*:*:*:*:*:*:*",
              "matchCriteriaId": "96637FB9-B552-417B-8C7F-4F4524F69690",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.8s:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA6851D-6DC1-403F-A511-EE996FE832F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.9s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7C97617-6574-4EFD-8408-A9E21A56E1AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.13.10s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB188B71-4CF0-49EA-BA00-10FEDF994D70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9247665-BBE7-4DEF-B97B-4981A0EA5CE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61E0102-B9B6-41F4-9041-0A5F144D849A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A076E1F-3457-410A-8AB6-64416ECB20A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAD93CD1-4188-40B7-A20E-9C3FE8344A27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2972E680-5A19-4858-9B35-0B959ED319A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1BFE916-916F-4936-A331-21A0E8193920",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EC9A19-26E6-4E69-B4E7-852CB6327EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C5484A4-D116-4B79-8369-47979E20AACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0as:*:*:*:*:*:*:*",
              "matchCriteriaId": "97410577-A005-49B6-981C-535B3484E72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0bs:*:*:*:*:*:*:*",
              "matchCriteriaId": "3420FB4D-8A6A-4B37-A4AE-7B35BEEEAF71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "5568EABF-8F43-4A87-8DE4-A03E9065BE53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E5BB91-B5E7-4961-87DC-26596E5EDED7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA0B441A-3A09-4A58-8A40-D463003A50BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2bs:*:*:*:*:*:*:*",
              "matchCriteriaId": "51E1A64A-204D-4567-A2DC-EFEB2AE62B54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "970FD986-6D0E-441C-9BF3-C66A25763A7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EEFD3AD-EFA2-4808-801E-B98E4C63AA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "1826C997-6D5D-480E-A12E-3048B6C61216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4as:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D136C95-F837-49AD-82B3-81C25F68D0EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*",
              "matchCriteriaId": "C35B3F96-B342-4AFC-A511-7A735B961ECD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4cs:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E203E52-0A3A-4910-863D-05FEF537C9B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4ds:*:*:*:*:*:*:*",
              "matchCriteriaId": "DED2D791-4142-4B9E-8401-6B63357536B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4es:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6442B5-A87E-493B-98D5-F954B5A001BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4gs:*:*:*:*:*:*:*",
              "matchCriteriaId": "8794DA1D-9EE8-4139-B8E9-061A73CFD5F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FBEF4B2-EA12-445A-823E-E0E5343A405E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5as:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EAC484-1C4F-4CA8-B8E1-6EE0E9497A4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5bs:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0BC5E30-71D2-4C17-A1BA-0850A9BC7D50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*",
              "matchCriteriaId": "844E7CEC-5CB6-47AE-95F7-75693347C08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6bs:*:*:*:*:*:*:*",
              "matchCriteriaId": "E50A67CE-EB1C-4BFA-AB40-BCF6CDF168BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.6s:*:*:*:*:*:*:*",
              "matchCriteriaId": "147A245E-9A5D-4178-A1AC-5B0D41C3B730",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7as:*:*:*:*:*:*:*",
              "matchCriteriaId": "169D71B3-1CCE-4526-8D91-048212EEDF08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7bs:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F66514-B9C4-422E-B68E-406608302E03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.7s:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2438157-4D9C-4E16-9D2A-759A8F6CDDE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.8s:*:*:*:*:*:*:*",
              "matchCriteriaId": "12ECC01E-E59F-4AED-AE51-7EE6B5E717E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.9s:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABC524BA-544C-49B9-A9D6-800D25556532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.16.10s:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BC99316-75AC-45EB-B6BB-DB014ED08ECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "12793F39-13C4-4DBC-9B78-FE361BDDF89D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1as:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AEF94C7-CEE6-4696-9F1D-549639A831C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "876767C7-0196-4226-92B1-DDE851B53655",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "0141D67B-632F-48ED-8837-4CC799616C57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.17.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE444B39-D025-471B-835E-88671212ACAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE81AA43-88D4-4EFC-B8F6-A41EFF437819",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.0sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "C18E6308-7A34-43E3-9AD8-5FB52B31ACB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1bsp:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EE163D-D9EC-46A1-826A-54F8F3A3FFBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1csp:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CE4CFE4-C00F-4FAE-8FDF-F6C92E92838D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1gsp:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE3170E3-0BCC-4C5F-8E6C-5E91E8C4E7A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1hsp:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CCDB353-DD15-4C91-AD2A-73649C012E08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1isp:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D7DAAE1-BB3F-4FBA-A6ED-3BABC9196C1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BEBCBF7-D1CF-488F-BB3E-F864F901A96A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.1sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "06BBE88E-FEFB-4B90-91D1-4F053FA0EA47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD8CCA19-1D1C-45C0-A1A0-CED5885AD580",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.2sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "014224BF-926E-470C-A133-84036D8AD533",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "4063CCF8-19BE-4411-B71B-147BB146700B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.3sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE8E0D1-E4AD-4648-BCF0-AE11B93D22B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "186ADB50-A4D4-4B32-884D-3195E7770346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.4sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "334F278A-CFEB-4145-9D8D-EFC36A1BF258",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.5sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B76F26E-7B1C-4894-8CDD-4BA1243E4EAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.6sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FB99D7-CDA9-4C3E-9DBB-3AC1CEBA4D90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.7sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D05DBA-D3F0-492B-9976-54A7E46F315E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:3.18.8sp:*:*:*:*:*:*:*",
              "matchCriteriaId": "78224D59-5C86-4090-9645-170B6583C7E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED5527C-A638-4E20-9928-099E32E17743",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A685A9A-235D-4D74-9D6C-AC49E75709CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "43052998-0A27-4E83-A884-A94701A3F4CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "89526731-B712-43D3-B451-D7FC503D2D65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "302933FE-4B6A-48A3-97F0-4B943251B717",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "296636F1-9242-429B-8472-90352C056106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "77993343-0394-413F-ABF9-C1215E9AD800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "283971DD-DD58-4A76-AC2A-F316534ED416",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8F324A5-4830-482E-A684-AB3B6594CEAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8120196-8648-49D0-8262-CD4C9C90C37A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "33E7CCE2-C685-4019-9B55-B3BECB3E5F76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*",
              "matchCriteriaId": "0699DD6E-BA74-4814-93AB-300329C9D032",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2E2D781-2684-45F1-AC52-636572A0DCA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "479FB47B-AF2E-4FCB-8DE0-400BF325666C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF2B4C78-5C31-4F3D-9639-305E15576E79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C09F0A2-B21F-40ED-A6A8-9A29D6E1C6A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "77E8AF15-AB46-4EAB-8872-8C55E8601599",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "957318BE-55D4-4585-AA52-C813301D01C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F11B703-8A0F-47ED-AA70-951FF78B94A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EE6EC32-51E4-43A3-BFB9-A0D842D08E87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "187F699A-AF2F-42B0-B855-27413140C384",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EDEC28-661E-42EF-88F0-F62D0220D2E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ADDCD0A-6168-45A0-A885-76CC70FE2FC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F35C623-6043-43A6-BBAA-478E185480CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D83E34F4-F4DD-49CC-9C95-93F9D4D26B42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2833EAE-94C8-4279-A244-DDB6E2D15DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5b:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B688E46-5BAD-4DEC-8B13-B184B141B169",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8F50DB-3A80-4D89-9F7B-86766D37338B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F13F583-F645-4DF0-A075-B4F19D71D128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FBD681F-7969-42BE-A47E-7C287755DCB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "98255E6F-3056-487D-9157-403836EFB9D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DBE4ED-1CD8-4134-9B33-17A91F44F17B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "012A6CF7-9104-4882-9C95-E6D4458AB778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF5214D-9257-498F-A3EB-C4EC18E2FEB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3DC5BB06-100F-42C9-8CEB-CC47FD26DDF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*",
              "matchCriteriaId": "5292764A-7D1C-4E04-86EF-809CB68EDD25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E16D266-108F-4F8A-998D-F1CA25F2EAAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3h:*:*:*:*:*:*:*",
              "matchCriteriaId": "F84AE35F-D016-4B8F-8FE2-C2ACB200DFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D55481-C80E-4400-9C3D-9F6B1F7F13CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4c:*:*:*:*:*:*:*",
              "matchCriteriaId": "D07F9539-CFBE-46F7-9F5E-93A68169797D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC1C85DD-69CC-4AA8-B219-651D57FC3506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
              "matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
              "matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el ROMMON de Cisco IOS XE Software, podr\u00eda permitir a un atacante local autenticado elevar los privilegios a los del usuario root del sistema operativo subyacente. La vulnerabilidad es debido a que ROMMON permite que sean pasados par\u00e1metros especiales al dispositivo en el arranque inicial. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de par\u00e1metros al dispositivo en el arranque inicial. Una explotaci\u00f3n podr\u00eda permitir al atacante elevarse desde un usuario Priv15 a un usuario root y ejecutar comandos arbitrarios con los privilegios del usuario root."
    }
  ],
  "id": "CVE-2020-3213",
  "lastModified": "2024-11-21T05:30:34.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-06-03T18:15:19.370",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc3-GMgnGCHx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-priv-esc3-GMgnGCHx"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2020-3213 (GCVE-0-2020-3213)

Vulnerability from cvelistv5 – Published: 2020-06-03 17:41 – Updated: 2024-11-15 17:17

Summary

Severity ?

6.7 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-264

Assigner

cisco

References

URL

	Vendor	Product	Version
	Cisco	Cisco IOS XE Software 3.8.0S	Affected: n/a

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2020-3213

CVE-2020-3213 (GCVE-0-2020-3213)

Tags

Sightings

Nomenclature