CVE-2021-34708
6.7
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.8 / Impact: 5.9
Source: NVD
Description
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.
Affected (2)
Configuration A
| Running on/with | Platform Versions |
|---|---|
Cisco 8101 32fh | All versions |
Cisco 8101 32h | All versions |
Cisco 8102 64h | All versions |
Cisco 8201 | All versions |
Cisco 8201 32fh | All versions |
Cisco 8202 | All versions |
Cisco 8800 12 Slot | All versions |
Cisco 8800 18 Slot | All versions |
Cisco 8800 4 Slot | All versions |
Cisco 8800 8 Slot | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 7.3.2 |
| Running on/with | Platform Versions |
|---|---|
Cisco N540 12z20g Sys A | All versions |
Cisco N540 12z20g Sys D | All versions |
Cisco N540 24z8q2c M | All versions |
Cisco N540 24z8q2c Sys | All versions |
Cisco N540 28z4c Sys A | All versions |
Cisco N540 28z4c Sys D | All versions |
Cisco N540 Acc Sys | All versions |
Cisco N540x 12z16g Sys A | All versions |
Cisco N540x 12z16g Sys D | All versions |
Cisco N540x 16z4g8q2c A | All versions |
Cisco N540x 16z4g8q2c D | All versions |
Cisco N540x Acc Sys | All versions |
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.