Lucene search

[email protected]NVD:CVE-2021-34709

HistorySep 09, 2021 - 5:15 a.m.

CVE-2021-34709

2021-09-0905:15:10

CWE-347

[email protected]

web.nvd.nist.gov

cisco

ncs 540

8000 series

image verification

vulnerabilities

arbitrary code execution

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

6.4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Affected configurations

Nvd

Node

ciscoios_xrRange<7.3.2

AND

cisco8101-32fhMatch-

cisco8101-32h

cisco8102-64hMatch-

cisco8201Match-

cisco8201-32fhMatch-

cisco8202Match-

cisco8800_12-slotMatch-

cisco8800_18-slotMatch-

cisco8800_4-slotMatch-

cisco8800_8-slotMatch-

Node

ciscoios_xrRange<7.3.2

ciscoios_xrRange7.4.0–7.4.1

AND

ciscon540-12z20g-sys-aMatch-

ciscon540-12z20g-sys-dMatch-

ciscon540-24z8q2c-mMatch-

ciscon540-24z8q2c-sysMatch-

ciscon540-28z4c-sys-aMatch-

ciscon540-28z4c-sys-dMatch-

ciscon540-acc-sysMatch-

ciscon540x-12z16g-sys-aMatch-

ciscon540x-12z16g-sys-dMatch-

ciscon540x-16z4g8q2c-aMatch-

ciscon540x-16z4g8q2c-dMatch-

ciscon540x-acc-sysMatch-

VendorProductVersionCPE
ciscoios_xr*cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*
cisco8101-32fh-cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*
cisco8101-32h*cpe:2.3:h:cisco:8101-32h:*:*:*:*:*:*:*:*
cisco8102-64h-cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*
cisco8201-cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*
cisco8201-32fh-cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*
cisco8202-cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*
cisco8800_12-slot-cpe:2.3:h:cisco:8800_12-slot:-:*:*:*:*:*:*:*
cisco8800_18-slot-cpe:2.3:h:cisco:8800_18-slot:-:*:*:*:*:*:*:*
cisco8800_4-slot-cpe:2.3:h:cisco:8800_4-slot:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios_xr	*	cpe:2.3:o:cisco:ios_xr::::::::
cisco	8101-32fh	-	cpe:2.3:h:cisco:8101-32fh:-:::::::*
cisco	8101-32h	*	cpe:2.3:h:cisco:8101-32h::::::::
cisco	8102-64h	-	cpe:2.3:h:cisco:8102-64h:-:::::::*
cisco	8201	-	cpe:2.3:h:cisco:8201:-:::::::*
cisco	8201-32fh	-	cpe:2.3:h:cisco:8201-32fh:-:::::::*
cisco	8202	-	cpe:2.3:h:cisco:8202:-:::::::*
cisco	8800_12-slot	-	cpe:2.3:h:cisco:8800_12-slot:-:::::::*
cisco	8800_18-slot	-	cpe:2.3:h:cisco:8800_18-slot:-:::::::*
cisco	8800_4-slot	-	cpe:2.3:h:cisco:8800_4-slot:-:::::::*

Rows per page:

1-10 of 231

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-QN9mCzwn

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

CVSS3

6.4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2021-34709

prion1 cve1 cvelist1 cisco1 nessus1