CVE-2024-20320
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: psirt@cisco.com (Secondary)
Description
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System (NCS) 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of arguments that are included with the SSH client CLI command. An attacker with low-privileged access to an affected device could exploit this vulnerability by issuing a crafted SSH client command to the CLI. A successful exploit could allow the attacker to elevate privileges to root on the affected device.
Affected (25)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.10.1 |
| Running on/with | Platform Versions |
|---|---|
Cisco 8011 4g24y4h I | All versions |
Cisco 8101 32fh | All versions |
Cisco 8101 32fh O | All versions |
Cisco 8101 32h O | All versions |
Cisco 8102 28fh Dpu O | All versions |
Cisco 8102 64h | All versions |
Cisco 8102 64h O | All versions |
Cisco 8111 32eh O | All versions |
Cisco 8122 64eh O | All versions |
Cisco 8122 64ehf O | All versions |
Cisco 8201 | All versions |
Cisco 8201 24h8fh | All versions |
Cisco 8201 32fh | All versions |
Cisco 8201 32fh O | All versions |
Cisco 8202 | All versions |
Cisco 8202 32fh M | All versions |
Cisco 8212 48fh M | All versions |
Cisco 8404 | All versions |
Cisco 8501 Sys Mt | All versions |
Cisco 8608 | All versions |
Cisco 8700 | All versions |
Cisco 8711 32fh M | All versions |
Cisco 8712 Mod M | All versions |
Cisco 8804 | All versions |
Cisco 8808 | All versions |
Cisco 8812 | All versions |
Cisco 8818 | All versions |
Cisco Ios Xrd Control Plane | All versions |
Cisco Ios Xrd Vrouter | All versions |
Cisco Ncs 540 12z20g Sys A | All versions |
Cisco Ncs 540 12z20g Sys D | All versions |
Cisco Ncs 540 24q2c2dd Sys | All versions |
Cisco Ncs 540 24q8l2dd Sys | All versions |
Cisco Ncs 540 24z8q2c Sys | All versions |
Cisco Ncs 540 28z4c Sys A | All versions |
Cisco Ncs 540 28z4c Sys D | All versions |
Cisco Ncs 540 6z14s Sys D | All versions |
Cisco Ncs 540 6z18g Sys A | All versions |
Cisco Ncs 540 6z18g Sys D | All versions |
Cisco Ncs 540 Acc Sys | All versions |
Cisco Ncs 540 Fh Agg | All versions |
Cisco Ncs 540 Fh Csr Sys | All versions |
Cisco Ncs 540x 12z16g Sys A | All versions |
Cisco Ncs 540x 12z16g Sys D | All versions |
Cisco Ncs 540x 16z4g8q2c A | All versions |
Cisco Ncs 540x 16z4g8q2c D | All versions |
Cisco Ncs 540x 16z8q2c D | All versions |
Cisco Ncs 540x 4z14g2q A | All versions |
Cisco Ncs 540x 4z14g2q D | All versions |
Cisco Ncs 540x 6z18g Sys A | All versions |
Cisco Ncs 540x 6z18g Sys D | All versions |
Cisco Ncs 540x 8z16g Sys A | All versions |
Cisco Ncs 540x 8z16g Sys D | All versions |
Cisco Ncs 540x Acc Sys | All versions |
Cisco Ncs 57b1 5dse Sys | All versions |
Cisco Ncs 57b1 6d24 Sys | All versions |
Cisco Ncs 57c1 48q6 Sys | All versions |
References (2)
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.