← Back

CVE-2021-34718

nvd nist
Published: Sep 9, 2021Modified: Nov 21, 2024

JSON object

Loading...
8.1
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.8 / Impact: 5.2
Source: NVD

Description

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. This vulnerability is due to insufficient input validation of arguments that are supplied by the user for a specific file transfer method. An attacker with lower-level privileges could exploit this vulnerability by specifying Secure Copy Protocol (SCP) parameters when authenticating to a device. A successful exploit could allow the attacker to elevate their privileges and retrieve and upload files on a device that they should not have access to.

Affected (2)

Products: Cisco: Ios Xr
Cisco
1 product
Ios Xr
Configuration A
12 platform
Running on/withPlatform Versions
Cisco
Asr 9000v V2
All versions
Cisco
Asr 9001
All versions
Cisco
Asr 9006
All versions
Cisco
Asr 9010
All versions
Cisco
Asr 9901
All versions
Cisco
Asr 9902
All versions
Cisco
Asr 9903
All versions
Cisco
Asr 9904
All versions
Cisco
Asr 9906
All versions
Cisco
Asr 9910
All versions
Cisco
Asr 9912
All versions
Cisco
Asr 9922
All versions
Configuration B
2 platform
Running on/withPlatform Versions
Cisco
Ios Xrv
All versions
Cisco
Ios Xrv 9000
All versions
Configuration C
5 platform
Running on/withPlatform Versions
Cisco
Ncs 520
All versions
Cisco
Ncs 540
All versions
Cisco
Ncs 540 Fronthaul
All versions
Cisco
Ncs 560 4
All versions
Cisco
Ncs 560 7
All versions
Configuration D
3 platform
Running on/withPlatform Versions
Cisco
Ncs 5001
All versions
Cisco
Ncs 5002
All versions
Cisco
Ncs 5011
All versions
Configuration E
2 platform
Running on/withPlatform Versions
Cisco
Ncs 4009
All versions
Cisco
Ncs 4016
All versions
Configuration F
6 platform
Running on/withPlatform Versions
Cisco
Ncs 5501
All versions
Cisco
Ncs 5501 Se
All versions
Cisco
Ncs 5502
All versions
Cisco
Ncs 5502 Se
All versions
Cisco
Ncs 5508
All versions
Cisco
Ncs 5516
All versions
Configuration G
2 platform
Running on/withPlatform Versions
Cisco
Ncs 6000
All versions
Cisco
Ncs 6008
All versions
Configuration H
2 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Cisco
Ios Xr
Before 7.3.2
Ios Xr
From 7.4.0 to 7.4.1
Running on/withPlatform Versions
Cisco
Ncs 1001
All versions
Cisco
Ncs 1002
All versions
Cisco
Ncs 1004
All versions

Related CWEs

CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
The product constructs a string for a command to be executed by a separate component in another control sphere, but it does not properly delimit the intended arguments, options, or switches within that command string.

References (2)

Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.