CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
9.6%
A vulnerability in the JSON-RPC API feature in ConfD that is used by the web-based management interfaces of Cisco Crosswork Network Services Orchestrator (NSO), Cisco Optical Site Manager, and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device.
This vulnerability is due to improper authorization checks on the API. An attacker with privileges sufficient to access the affected application or device could exploit this vulnerability by sending malicious requests to the JSON-RPC API. A successful exploit could allow the attacker to make unauthorized modifications to the configuration of the affected application or device, including creating new user accounts or elevating their own privileges on an affected system.
[
{
"vendor": "Cisco",
"product": "Cisco IOS XR Software",
"versions": [
{
"version": "6.5.3",
"status": "affected"
},
{
"version": "6.5.29",
"status": "affected"
},
{
"version": "6.5.1",
"status": "affected"
},
{
"version": "6.6.1",
"status": "affected"
},
{
"version": "6.5.2",
"status": "affected"
},
{
"version": "6.5.92",
"status": "affected"
},
{
"version": "6.5.15",
"status": "affected"
},
{
"version": "6.6.2",
"status": "affected"
},
{
"version": "7.0.1",
"status": "affected"
},
{
"version": "6.6.25",
"status": "affected"
},
{
"version": "6.5.26",
"status": "affected"
},
{
"version": "6.6.11",
"status": "affected"
},
{
"version": "6.5.25",
"status": "affected"
},
{
"version": "6.5.28",
"status": "affected"
},
{
"version": "6.5.93",
"status": "affected"
},
{
"version": "6.6.12",
"status": "affected"
},
{
"version": "6.5.90",
"status": "affected"
},
{
"version": "7.0.0",
"status": "affected"
},
{
"version": "7.1.1",
"status": "affected"
},
{
"version": "7.0.90",
"status": "affected"
},
{
"version": "6.6.3",
"status": "affected"
},
{
"version": "6.7.1",
"status": "affected"
},
{
"version": "7.0.2",
"status": "affected"
},
{
"version": "7.1.15",
"status": "affected"
},
{
"version": "7.2.0",
"status": "affected"
},
{
"version": "7.2.1",
"status": "affected"
},
{
"version": "7.1.2",
"status": "affected"
},
{
"version": "6.7.2",
"status": "affected"
},
{
"version": "7.0.11",
"status": "affected"
},
{
"version": "7.0.12",
"status": "affected"
},
{
"version": "7.0.14",
"status": "affected"
},
{
"version": "7.1.25",
"status": "affected"
},
{
"version": "6.6.4",
"status": "affected"
},
{
"version": "7.2.12",
"status": "affected"
},
{
"version": "7.3.1",
"status": "affected"
},
{
"version": "7.1.3",
"status": "affected"
},
{
"version": "6.7.3",
"status": "affected"
},
{
"version": "7.4.1",
"status": "affected"
},
{
"version": "7.2.2",
"status": "affected"
},
{
"version": "6.7.4",
"status": "affected"
},
{
"version": "6.5.31",
"status": "affected"
},
{
"version": "7.3.15",
"status": "affected"
},
{
"version": "7.3.16",
"status": "affected"
},
{
"version": "6.8.1",
"status": "affected"
},
{
"version": "7.4.15",
"status": "affected"
},
{
"version": "6.5.32",
"status": "affected"
},
{
"version": "7.3.2",
"status": "affected"
},
{
"version": "7.5.1",
"status": "affected"
},
{
"version": "7.4.16",
"status": "affected"
},
{
"version": "7.3.27",
"status": "affected"
},
{
"version": "7.6.1",
"status": "affected"
},
{
"version": "7.5.2",
"status": "affected"
},
{
"version": "7.8.1",
"status": "affected"
},
{
"version": "7.6.15",
"status": "affected"
},
{
"version": "7.5.12",
"status": "affected"
},
{
"version": "7.8.12",
"status": "affected"
},
{
"version": "7.3.3",
"status": "affected"
},
{
"version": "7.7.1",
"status": "affected"
},
{
"version": "6.8.2",
"status": "affected"
},
{
"version": "7.3.4",
"status": "affected"
},
{
"version": "7.4.2",
"status": "affected"
},
{
"version": "6.7.35",
"status": "affected"
},
{
"version": "6.9.1",
"status": "affected"
},
{
"version": "7.6.2",
"status": "affected"
},
{
"version": "7.5.3",
"status": "affected"
},
{
"version": "7.7.2",
"status": "affected"
},
{
"version": "6.9.2",
"status": "affected"
},
{
"version": "7.9.1",
"status": "affected"
},
{
"version": "7.10.1",
"status": "affected"
},
{
"version": "7.8.2",
"status": "affected"
},
{
"version": "7.5.4",
"status": "affected"
},
{
"version": "6.5.33",
"status": "affected"
},
{
"version": "7.8.22",
"status": "affected"
},
{
"version": "7.7.21",
"status": "affected"
},
{
"version": "7.9.2",
"status": "affected"
},
{
"version": "7.3.5",
"status": "affected"
},
{
"version": "7.5.5",
"status": "affected"
},
{
"version": "7.11.1",
"status": "affected"
},
{
"version": "7.9.21",
"status": "affected"
},
{
"version": "7.10.2",
"status": "affected"
},
{
"version": "24.1.1",
"status": "affected"
},
{
"version": "7.6.3",
"status": "affected"
},
{
"version": "7.3.6",
"status": "affected"
},
{
"version": "7.5.52",
"status": "affected"
},
{
"version": "7.11.2",
"status": "affected"
},
{
"version": "24.2.1",
"status": "affected"
},
{
"version": "24.1.2",
"status": "affected"
},
{
"version": "24.2.11",
"status": "affected"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Cisco",
"product": "Cisco Network Services Orchestrator",
"versions": [
{
"version": "5.4.1",
"status": "affected"
},
{
"version": "5.3.1",
"status": "affected"
},
{
"version": "4.4.1",
"status": "affected"
},
{
"version": "5.2.1.1",
"status": "affected"
},
{
"version": "5.4.0.1",
"status": "affected"
},
{
"version": "4.7.1",
"status": "affected"
},
{
"version": "5.2.0.3",
"status": "affected"
},
{
"version": "5.2.1",
"status": "affected"
},
{
"version": "5.1.2",
"status": "affected"
},
{
"version": "5.4",
"status": "affected"
},
{
"version": "4.5.1",
"status": "affected"
},
{
"version": "5.4.0.2",
"status": "affected"
},
{
"version": "4.7.3",
"status": "affected"
},
{
"version": "5.2.0.4",
"status": "affected"
},
{
"version": "5.1.1.1",
"status": "affected"
},
{
"version": "5.1.1.3",
"status": "affected"
},
{
"version": "5.2.3.2",
"status": "affected"
},
{
"version": "5.4.1.1",
"status": "affected"
},
{
"version": "5.5",
"status": "affected"
},
{
"version": "5.4.2",
"status": "affected"
},
{
"version": "5.5.1",
"status": "affected"
},
{
"version": "5.4.3",
"status": "affected"
},
{
"version": "5.4.3.1",
"status": "affected"
},
{
"version": "5.5.2",
"status": "affected"
},
{
"version": "5.3.4.3",
"status": "affected"
},
{
"version": "5.5.2.1",
"status": "affected"
},
{
"version": "5.5.2.2",
"status": "affected"
},
{
"version": "5.4.3.2",
"status": "affected"
},
{
"version": "5.5.2.3",
"status": "affected"
},
{
"version": "5.4.4",
"status": "affected"
},
{
"version": "5.4.4.1",
"status": "affected"
},
{
"version": "5.5.2.4",
"status": "affected"
},
{
"version": "5.5.2.5",
"status": "affected"
},
{
"version": "5.5.2.6",
"status": "affected"
},
{
"version": "5.4.4.2",
"status": "affected"
},
{
"version": "5.4.3.3",
"status": "affected"
},
{
"version": "5.5.2.7",
"status": "affected"
},
{
"version": "5.5.2.8",
"status": "affected"
},
{
"version": "5.4.3.4",
"status": "affected"
},
{
"version": "5.4.4.3",
"status": "affected"
},
{
"version": "5.6",
"status": "affected"
},
{
"version": "5.5.2.9",
"status": "affected"
},
{
"version": "5.5.3",
"status": "affected"
},
{
"version": "5.5.2.10",
"status": "affected"
},
{
"version": "5.6.1",
"status": "affected"
},
{
"version": "5.5.2.11",
"status": "affected"
},
{
"version": "5.6.2",
"status": "affected"
},
{
"version": "5.5.3.1",
"status": "affected"
},
{
"version": "5.4.5",
"status": "affected"
},
{
"version": "5.4.5.1",
"status": "affected"
},
{
"version": "5.5.4",
"status": "affected"
},
{
"version": "5.6.3",
"status": "affected"
},
{
"version": "5.5.4.1",
"status": "affected"
},
{
"version": "5.7",
"status": "affected"
},
{
"version": "5.5.2.12",
"status": "affected"
},
{
"version": "5.4.2.1",
"status": "affected"
},
{
"version": "5.6.3.1",
"status": "affected"
},
{
"version": "5.4.5.2",
"status": "affected"
},
{
"version": "5.7.1",
"status": "affected"
},
{
"version": "5.7.1.1",
"status": "affected"
},
{
"version": "5.6.4",
"status": "affected"
},
{
"version": "5.4.2.2",
"status": "affected"
},
{
"version": "5.4.6",
"status": "affected"
},
{
"version": "5.7.2",
"status": "affected"
},
{
"version": "5.7.2.1",
"status": "affected"
},
{
"version": "5.6.5",
"status": "affected"
},
{
"version": "5.5.5",
"status": "affected"
},
{
"version": "5.7.3",
"status": "affected"
},
{
"version": "5.8",
"status": "affected"
},
{
"version": "5.6.6.1",
"status": "affected"
},
{
"version": "5.7.5.1",
"status": "affected"
},
{
"version": "5.6.7.1",
"status": "affected"
},
{
"version": "5.6.7",
"status": "affected"
},
{
"version": "5.5.6.1",
"status": "affected"
},
{
"version": "5.8.1",
"status": "affected"
},
{
"version": "5.6.6",
"status": "affected"
},
{
"version": "5.4.7",
"status": "affected"
},
{
"version": "5.8.2.1",
"status": "affected"
},
{
"version": "5.7.5",
"status": "affected"
},
{
"version": "5.7.4",
"status": "affected"
},
{
"version": "5.8.2",
"status": "affected"
},
{
"version": "5.5.6",
"status": "affected"
},
{
"version": "5.6.7.2",
"status": "affected"
},
{
"version": "5.7.6",
"status": "affected"
},
{
"version": "5.7.6.1",
"status": "affected"
},
{
"version": "5.8.3",
"status": "affected"
},
{
"version": "5.6.8",
"status": "affected"
},
{
"version": "5.7.6.2",
"status": "affected"
},
{
"version": "5.8.4",
"status": "affected"
},
{
"version": "5.5.7",
"status": "affected"
},
{
"version": "5.7.7",
"status": "affected"
},
{
"version": "5.6.9",
"status": "affected"
},
{
"version": "5.6.8.1",
"status": "affected"
},
{
"version": "5.8.5",
"status": "affected"
},
{
"version": "5.5.8",
"status": "affected"
},
{
"version": "5.7.8",
"status": "affected"
},
{
"version": "5.4.7.1",
"status": "affected"
},
{
"version": "6.0",
"status": "affected"
},
{
"version": "5.7.8.1",
"status": "affected"
},
{
"version": "6.0.1",
"status": "affected"
},
{
"version": "5.6.10",
"status": "affected"
},
{
"version": "5.8.6",
"status": "affected"
},
{
"version": "6.0.1.1",
"status": "affected"
},
{
"version": "6.0.2",
"status": "affected"
},
{
"version": "5.7.9",
"status": "affected"
},
{
"version": "5.5.9",
"status": "affected"
},
{
"version": "5.6.11",
"status": "affected"
},
{
"version": "5.8.7",
"status": "affected"
},
{
"version": "6.0.3",
"status": "affected"
},
{
"version": "5.7.10",
"status": "affected"
},
{
"version": "5.6.12",
"status": "affected"
},
{
"version": "5.8.8",
"status": "affected"
},
{
"version": "6.0.4",
"status": "affected"
},
{
"version": "5.5.10",
"status": "affected"
},
{
"version": "5.7.10.1",
"status": "affected"
},
{
"version": "6.1",
"status": "affected"
},
{
"version": "5.7.6.3",
"status": "affected"
},
{
"version": "5.7.11",
"status": "affected"
},
{
"version": "6.0.5",
"status": "affected"
},
{
"version": "5.6.13",
"status": "affected"
},
{
"version": "5.8.9",
"status": "affected"
},
{
"version": "6.1.1",
"status": "affected"
},
{
"version": "5.7.10.2",
"status": "affected"
},
{
"version": "6.0.6",
"status": "affected"
},
{
"version": "5.7.12",
"status": "affected"
},
{
"version": "6.1.2",
"status": "affected"
},
{
"version": "5.6.14",
"status": "affected"
},
{
"version": "6.1.2.1",
"status": "affected"
},
{
"version": "5.8.10",
"status": "affected"
},
{
"version": "6.0.7",
"status": "affected"
},
{
"version": "6.1.3",
"status": "affected"
},
{
"version": "5.7.13",
"status": "affected"
},
{
"version": "5.8.11",
"status": "affected"
},
{
"version": "6.1.3.1",
"status": "affected"
},
{
"version": "6.0.8",
"status": "affected"
},
{
"version": "6.1.4",
"status": "affected"
},
{
"version": "5.6.14.1",
"status": "affected"
},
{
"version": "5.8.12",
"status": "affected"
},
{
"version": "6.0.9",
"status": "affected"
},
{
"version": "6.1.5",
"status": "affected"
},
{
"version": "6.2",
"status": "affected"
},
{
"version": "5.8.13",
"status": "affected"
},
{
"version": "5.7.14",
"status": "affected"
},
{
"version": "6.0.10",
"status": "affected"
},
{
"version": "6.1.6",
"status": "affected"
},
{
"version": "6.1.6.1",
"status": "affected"
},
{
"version": "6.0.11",
"status": "affected"
},
{
"version": "6.1.7",
"status": "affected"
},
{
"version": "6.2.2",
"status": "affected"
},
{
"version": "5.7.15",
"status": "affected"
},
{
"version": "6.1.3.2",
"status": "affected"
},
{
"version": "6.1.7.1",
"status": "affected"
},
{
"version": "6.0.12",
"status": "affected"
},
{
"version": "6.1.8",
"status": "affected"
},
{
"version": "5.7.9.1",
"status": "affected"
},
{
"version": "5.7.15.1",
"status": "affected"
},
{
"version": "6.1.8.1",
"status": "affected"
},
{
"version": "6.0.13",
"status": "affected"
},
{
"version": "6.1.9",
"status": "affected"
},
{
"version": "5.5.10.1",
"status": "affected"
},
{
"version": "5.6.14.3",
"status": "affected"
},
{
"version": "5.8.13.1",
"status": "affected"
},
{
"version": "6.1.10",
"status": "affected"
},
{
"version": "6.0.14",
"status": "affected"
},
{
"version": "5.7.16",
"status": "affected"
},
{
"version": "6.1.11",
"status": "affected"
},
{
"version": "5.1.4.3",
"status": "affected"
},
{
"version": "6.1.11.1",
"status": "affected"
},
{
"version": "6.1.11.2",
"status": "affected"
},
{
"version": "5.7.17",
"status": "affected"
},
{
"version": "6.1.12",
"status": "affected"
}
],
"defaultStatus": "unknown"
},
{
"vendor": "Cisco",
"product": "Cisco Small Business RV Series Router Firmware",
"versions": [
{
"version": "1.0.01.17",
"status": "affected"
},
{
"version": "1.0.03.17",
"status": "affected"
},
{
"version": "1.0.01.16",
"status": "affected"
},
{
"version": "1.0.01.18",
"status": "affected"
},
{
"version": "1.0.00.29",
"status": "affected"
},
{
"version": "1.0.03.16",
"status": "affected"
},
{
"version": "1.0.03.15",
"status": "affected"
},
{
"version": "1.0.02.16",
"status": "affected"
},
{
"version": "1.0.01.20",
"status": "affected"
},
{
"version": "1.0.00.33",
"status": "affected"
},
{
"version": "1.0.03.18",
"status": "affected"
},
{
"version": "1.0.03.19",
"status": "affected"
},
{
"version": "1.0.03.20",
"status": "affected"
},
{
"version": "1.0.03.21",
"status": "affected"
},
{
"version": "1.0.03.22",
"status": "affected"
},
{
"version": "1.0.03.24",
"status": "affected"
},
{
"version": "1.0.03.26",
"status": "affected"
},
{
"version": "1.0.03.27",
"status": "affected"
},
{
"version": "1.0.03.28",
"status": "affected"
},
{
"version": "1.0.03.29",
"status": "affected"
}
],
"defaultStatus": "unknown"
}
]