← Back

CVE-2021-1244

nvd nist
Published: Feb 4, 2021Modified: Nov 21, 2024

JSON object

Loading...
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD

Description

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected (3)

Products: Cisco: Ios Xr
Cisco
1 product
Ios Xr
Configuration A
2 vulnerable · 5 platform
Vulnerable SoftwareAffected Versions
Cisco
Ios Xr
Before 7.0.12
Ios Xr
From 7.1.0 to 7.2.1
Running on/withPlatform Versions
Cisco
8201
All versions
Cisco
8202
All versions
Cisco
8808
All versions
Cisco
8812
All versions
Cisco
8818
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ios Xr
Before 7.2.1
Running on/withPlatform Versions
Cisco
Ncs 540
All versions

Related CWEs

CWE-347
Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.

References (2)

Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.