Cisco Ios Xr Software vulnerabilities

CVE-2021-1440 [MEDIUM] CWE-617 CVE-2021-1440: A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Ci A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Border Gateway Protocol (BGP) process to crash, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of a specific RPKI to

CVE-2022-20655 [HIGH] CWE-78 CVE-2022-20655: A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an au A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of

CVE-2022-20845 [MEDIUM] CWE-789 CVE-2022-20845: A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could A vulnerability in the TL1 function of Cisco Network Convergence System (NCS) 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability by connecting to the device and issuing TL1 commands

CVE-2022-20849 [MEDIUM] CWE-391 CVE-2022-20849: A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash. This vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An at

CVE-2022-20846 [MEDIUM] CWE-120 CVE-2022-20846: A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software c A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device. This vulnerability is due to a heap buffer overflow in certain Cisco Discovery Protocol messages. An attacker could exploit this vuln

CVE-2024-20406 [HIGH] CWE-20 CVE-2024-20406: A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (I A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacke

CVE-2024-20317 [HIGH] CWE-684 CVE-2024-20317: A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cis A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect classification of

CVE-2024-20398 [HIGH] CWE-78 CVE-2024-20398: A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account coul

CVE-2024-20483 [HIGH] CWE-78 CVE-2024-20483: Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container o Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Manager or direct access to the PON Manager MongoDB instance to perform command injection attacks on the P

CVE-2024-20381 [HIGH] CWE-285 CVE-2024-20381: A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) a A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the configuration of an affected application or device. This

CVE-2024-20304 [HIGH] CWE-401 CVE-2024-20304: A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software cou A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending craf

CVE-2024-20343 [MEDIUM] CWE-284 CVE-2024-20343: A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the arguments that are passed to a specific CLI command. A

CVE-2024-20489 [HIGH] CWE-256 CVE-2024-20489: A vulnerability in the storage method of the PON Controller configuration file could allow an authen A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the device that is running Cisco IOS XR Software. An attacker could exploit this vul

CVE-2024-20390 [MEDIUM] CWE-940 CVE-2024-20390: A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthent A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751. This vulnerability is due to a lack of proper error validation of ingress XML packets. An attacker could exploit this vulnerability by sending a sustained, craft

CVE-2024-20456 [MEDIUM] CWE-732 CVE-2024-20456: A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local att A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device. This vulnerability is due

CVE-2024-20327 [HIGH] CWE-20 CVE-2024-20327: A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Ci A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of malformed PPPoE packet

CVE-2024-20320 [HIGH] CWE-266 CVE-2024-20320: A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System (NCS) 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of arguments that are included with

CVE-2024-20318 [HIGH] CWE-20 CVE-2024-20318: A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthentic A vulnerability in the Layer 2 Ethernet services of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the line card network processor to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of specific Ethernet frames that are received on line cards that have the Lay

CVE-2024-20262 [MEDIUM] CWE-269 CVE-2024-20262: A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could al A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system directory, which could lead to a denial of service (DoS) condition. The attacker would require valid user credentials to perform this attack. This vulnerability is due to a

CVE-2024-20319 [MEDIUM] CWE-284 CVE-2024-20319: A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect UDP forwarding programming when using SNMP with manag