CVE-2016-9215Cisco IOS XR vulnerability

CWE-2644 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 77.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS XR
Timeline
PublishedDec 14
Latest updateMay 17

Description

A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. More Information: CSCva38434. Known Affected Releases: 6.1.1.BASE.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDcisco/ios_xr6.1.1

🔴Vulnerability Details

2
GHSA
GHSA-qhc9-292j-6xwf: A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user2022-05-17
CVEList
CVE-2016-9215: A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user2016-12-14

📋Vendor Advisories

1
Cisco
Cisco IOS XR Software Default Credentials Vulnerability2016-12-07
CVE-2016-9215 — Cisco IOS XR vulnerability | cvebase