4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
44.7%
A vulnerability in the command-line interface (CLI) of Cisco IOS XR Software could allow an authenticated, remote attacker to access sensitive information.
The vulnerability is due to insufficient data protection of sensitive information. An attacker could exploit this vulnerability by issuing specific system commands on the affected device.
Cisco has confirmed the vulnerability in a security notice and released software updates.
To exploit this vulnerability, an attacker must authenticate to a targeted device. This access requirement may reduce the likelihood of a successful exploit.