2 matches found
Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure (cisco-sa-iosxr-load-infodisc-9rdOr5Fq)
According to its self-reported version, Cisco IOS XR is affected by an information disclosure vulnerability. An unauthenticated attacker with physical access can exploit this, by being connected to the console port when the device is power cycled, in order to view sensitive files. Please see the...
CVE-2023-20064
CVE-2023-20064 affects Cisco IOS XR Software. A vulnerability in the GRand Unified Bootloader (GRUB) allows a local, unauthenticated attacker with physical access to view sensitive files via the console during power-cycle, due to unnecessary commands in the GRUB environment. Exploitation requires...