Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-3284 (GCVE-0-2020-3284)
Vulnerability from cvelistv5 – Published: 2020-11-06 18:16 – Updated: 2024-11-13 17:43
VLAI?
EPSS
Title
Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability
Summary
A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.
Severity ?
8.1 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XR Software |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3284",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:17:15.891506Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:43:58.908Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-11-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-06T18:16:03.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
],
"source": {
"advisory": "cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2",
"defect": [
[
"CSCvi82550",
"CSCvq23340",
"CSCvq31064",
"CSCvu31574"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-11-04T16:00:00",
"ID": "CVE-2020-3284",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XR Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
]
},
"source": {
"advisory": "cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2",
"defect": [
[
"CSCvi82550",
"CSCvq23340",
"CSCvq31064",
"CSCvu31574"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3284",
"datePublished": "2020-11-06T18:16:03.841Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2024-11-13T17:43:58.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2\", \"name\": \"20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T07:30:57.521Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-3284\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-13T17:17:15.891506Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-13T17:19:35.261Z\"}}], \"cna\": {\"title\": \"Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability\", \"source\": {\"defect\": [[\"CSCvi82550\", \"CSCvq23340\", \"CSCvq31064\", \"CSCvu31574\"]], \"advisory\": \"cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XR Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2020-11-04T00:00:00.000Z\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2\", \"name\": \"20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2020-11-06T18:16:03.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"8.1\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\"}}, \"source\": {\"defect\": [[\"CSCvi82550\", \"CSCvq23340\", \"CSCvq31064\", \"CSCvu31574\"]], \"advisory\": \"cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco IOS XR Software\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2\", \"name\": \"20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-284\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2020-3284\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2020-11-04T16:00:00\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2020-3284\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-13T17:43:58.908Z\", \"dateReserved\": \"2019-12-12T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2020-11-06T18:16:03.841Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-5XJQ-F58J-4HPH
Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33
VLAI?
Details
A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.
{
"affected": [],
"aliases": [
"CVE-2020-3284"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-06T19:15:00Z",
"severity": "CRITICAL"
},
"details": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.",
"id": "GHSA-5xjq-f58j-4hph",
"modified": "2022-05-24T17:33:20Z",
"published": "2022-05-24T17:33:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-3284"
},
{
"type": "WEB",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
],
"schema_version": "1.4.0",
"severity": []
}
CVE-2020-3284
Vulnerability from fstec - Published: 04.11.2020
VLAI Severity ?
Title
Уязвимость среды предварительной загрузки Preboot eXecution Environment (PXE) операционной системы Cisco IOS XR, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость среды предварительной загрузки Preboot eXecution Environment (PXE) операционной системы Cisco IOS XR связана с недостатками контроля доступа. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код
Severity ?
Vendor
Cisco Systems Inc.
Software Name
Cisco IOS XR
Software Version
до 6.5.2 (Cisco IOS XR), до 7.1.1 (Cisco IOS XR), до 7.2.1 (Cisco IOS XR), до 6.6.3 (Cisco IOS XR), 7.0.2 (Cisco IOS XR)
Possible Mitigations
Использование рекомендаций производителя:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2
Reference
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2
CWE
CWE-284
{
"CVSS 2.0": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 6.5.2 (Cisco IOS XR), \u0434\u043e 7.1.1 (Cisco IOS XR), \u0434\u043e 7.2.1 (Cisco IOS XR), \u0434\u043e 6.6.3 (Cisco IOS XR), 7.0.2 (Cisco IOS XR)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\n\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "04.11.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "17.11.2020",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.11.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-05160",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-3284",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco IOS XR",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Cisco Systems Inc. Cisco IOS XR \u0434\u043e 6.5.2 Cisco ASR 9000, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 7.1.1 Network Convergence System 1000 Series, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 7.2.1 Network Convergence System 540 Routers, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 6.6.3 Network Convergence System (NCS) 560 Series Routers, Cisco Systems Inc. Cisco IOS XR 7.0.2 Network Convergence System (NCS) 560 Series Routers, Cisco Systems Inc. Cisco IOS XR \u0434\u043e 6.6.3 Network Convergence System (NCS) 5500 Series Routers",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u044b \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Preboot eXecution Environment (PXE) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS XR, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u044b \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 Preboot eXecution Environment (PXE) \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Cisco IOS XR \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,6)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,1)"
}
CNVD-2020-61947
Vulnerability from cnvd - Published: 2020-11-11
VLAI Severity ?
Title
Cisco IOS XR -bit Preboot eXecution Environment访问控制错误漏洞
Description
Cisco IOS XR是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。
Cisco IOS XR 64-bit Preboot eXecution Environment 存在安全漏洞,攻击者可以利用该漏洞通过Cisco IOS XR 64位的Preboot eXecution Environment绕过限制,以提升其特权。
Severity
高
Patch Name
Cisco IOS XR -bit Preboot eXecution Environment访问控制错误漏洞的补丁
Patch Description
Cisco IOS XR是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。
Cisco IOS XR 64-bit Preboot eXecution Environment 存在安全漏洞,攻击者可以利用该漏洞通过Cisco IOS XR 64位的Preboot eXecution Environment绕过限制,以提升其特权。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-3284
Impacted products
| Name | Cisco IOS XR |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-3284",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-3284"
}
},
"description": "Cisco IOS XR\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\n\nCisco IOS XR 64-bit Preboot eXecution Environment \u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7Cisco IOS XR 64\u4f4d\u7684Preboot eXecution Environment\u7ed5\u8fc7\u9650\u5236\uff0c\u4ee5\u63d0\u5347\u5176\u7279\u6743\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-61947",
"openTime": "2020-11-11",
"patchDescription": "Cisco IOS XR\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u5957\u4e3a\u5176\u7f51\u7edc\u8bbe\u5907\u5f00\u53d1\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco IOS XR 64-bit Preboot eXecution Environment \u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7Cisco IOS XR 64\u4f4d\u7684Preboot eXecution Environment\u7ed5\u8fc7\u9650\u5236\uff0c\u4ee5\u63d0\u5347\u5176\u7279\u6743\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Cisco IOS XR -bit Preboot eXecution Environment\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Cisco IOS XR"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-3284",
"serverity": "\u9ad8",
"submitTime": "2020-11-05",
"title": "Cisco IOS XR -bit Preboot eXecution Environment\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e"
}
CERTFR-2020-AVI-713
Vulnerability from certfr_avis - Published: 2020-11-05 - Updated: 2020-11-06
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- SD-WAN versions antérieures à 20.1.2
- SD-WAN versions antérieures à 20.3.2
- application Webex Meetings Desktop pour Windows 40.6.x versions antérieures à 40.6.9
- application Webex Meetings Desktop pour Windows 40.8.x versions antérieures à 40.8.9
- Webex Meetings sites 40.6.x versions antérieures à 40.6.11
- Webex Meetings sites 40.8.x versions antérieures à 40.8.0
- Webex Meetings Server 3.x versions antérieures à 3.0MR3 SP4
- Webex Meetings Server 4.x versions antérieures à 4.0MR3 SP4
- application Cisco AnyConnect Secure Mobility toutes versions avec les options "Auto Update" et "Enable Scripting" activées
- Cisco IOS XR pour ASR 9000 versions antérieures à 6.5.2 avec une version de BIOS antérieure à 10.65, 14.35, 16.14, 17.34, 22.20, 30.23 ou 31.20 en fonction du matériel
- Cisco IOS XR pour NCS 1000 versions antérieures à 7.1.1 avec une version de BIOS antérieure à 14.60
- Cisco IOS XR pour NCS 540 versions antérieures à 7.2.1 avec une version de BIOS antérieure à 1.15
- Cisco IOS XR pour NCS 560 versions antérieures à 6.6.3, 6.6.24 et 7.0.2 avec une version de BIOS antérieure à 0.14
- Cisco IOS XR pour NCS 5000 versions antérieures à 7.2.1 avec une version de BIOS antérieure à 1.13 ou 1.14 en fonction du matériel
- Cisco IOS XR pour NCS 5500 versions antérieures à 6.6.3 et 6.6.24 avec une version de BIOS antérieure à 9.30, 1.21 ou 1.12 en fonction du matériel
Les versions SD-WAN 18.x et 19.x sont également affectées et doivent faire l'objet d'une mise à jour vers les versions ci-dessus.
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eSD-WAN versions ant\u00e9rieures \u00e0 20.1.2\u003c/li\u003e \u003cli\u003eSD-WAN versions ant\u00e9rieures \u00e0 20.3.2\u003c/li\u003e \u003cli\u003eapplication Webex Meetings Desktop pour Windows 40.6.x versions ant\u00e9rieures \u00e0 40.6.9\u003c/li\u003e \u003cli\u003eapplication Webex Meetings Desktop pour Windows 40.8.x versions ant\u00e9rieures \u00e0 40.8.9\u003c/li\u003e \u003cli\u003eWebex Meetings sites 40.6.x versions ant\u00e9rieures \u00e0 40.6.11\u003c/li\u003e \u003cli\u003eWebex Meetings sites 40.8.x versions ant\u00e9rieures \u00e0 40.8.0\u003c/li\u003e \u003cli\u003eWebex Meetings Server 3.x versions ant\u00e9rieures \u00e0 3.0MR3 SP4\u003c/li\u003e \u003cli\u003eWebex Meetings Server 4.x versions ant\u00e9rieures \u00e0 4.0MR3 SP4\u003c/li\u003e \u003cli\u003e\u003cspan class=\"more\"\u003eapplication Cisco\u00a0AnyConnect Secure Mobility toutes versions avec les options \"Auto Update\" et \"Enable Scripting\" activ\u00e9es\u003c/span\u003e\u003c/li\u003e \u003cli\u003eCisco IOS XR pour ASR 9000 versions ant\u00e9rieures \u00e0 6.5.2 avec une version de BIOS ant\u00e9rieure \u00e0 10.65, 14.35, 16.14, 17.34, 22.20, 30.23 ou 31.20 en fonction du mat\u00e9riel\u003c/li\u003e \u003cli\u003eCisco IOS XR pour NCS 1000 versions ant\u00e9rieures \u00e0 7.1.1 avec une version de BIOS ant\u00e9rieure \u00e0 14.60\u003c/li\u003e \u003cli\u003eCisco IOS XR pour NCS 540 versions ant\u00e9rieures \u00e0 7.2.1 avec une version de BIOS ant\u00e9rieure \u00e0 1.15\u003c/li\u003e \u003cli\u003eCisco IOS XR pour NCS 560 versions ant\u00e9rieures \u00e0 6.6.3, 6.6.24 et 7.0.2 avec une version de BIOS ant\u00e9rieure \u00e0 0.14\u003c/li\u003e \u003cli\u003eCisco IOS XR pour NCS 5000 versions ant\u00e9rieures \u00e0 7.2.1 avec une version de BIOS ant\u00e9rieure \u00e0 1.13 ou 1.14 en fonction du mat\u00e9riel\u003c/li\u003e \u003cli\u003eCisco IOS XR pour NCS 5500 versions ant\u00e9rieures \u00e0 6.6.3 et 6.6.24 avec une version de BIOS ant\u00e9rieure \u00e0 9.30, 1.21 ou 1.12 en fonction du mat\u00e9riel\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eLes versions SD-WAN 18.x et 19.x sont \u00e9galement affect\u00e9es et doivent faire l\u0027objet d\u0027une mise \u00e0 jour vers les versions ci-dessus.\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-3284",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3284"
},
{
"name": "CVE-2020-3600",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3600"
},
{
"name": "CVE-2020-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3556"
},
{
"name": "CVE-2020-26074",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26074"
},
{
"name": "CVE-2020-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3574"
},
{
"name": "CVE-2020-3595",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3595"
},
{
"name": "CVE-2020-26071",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26071"
},
{
"name": "CVE-2020-3593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3593"
},
{
"name": "CVE-2020-3603",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3603"
},
{
"name": "CVE-2020-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3573"
},
{
"name": "CVE-2020-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3604"
},
{
"name": "CVE-2020-26073",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26073"
},
{
"name": "CVE-2020-3588",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3588"
}
],
"initial_release_date": "2020-11-05T00:00:00",
"last_revision_date": "2020-11-06T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-anyconnect-ipc-KfQO9QhK du 04 f\u00e9vrier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-ipc-KfQO9QhK"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vepegr-4xynYLUj du 04 f\u00e9vrier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepegr-4xynYLUj"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2 du 04 f\u00e9vrier 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
],
"reference": "CERTFR-2020-AVI-713",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-11-05T00:00:00.000000"
},
{
"description": "ajout des syst\u00e8mes affect\u00e9s manquants et correction de dates erron\u00e9es",
"revision_date": "2020-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vman-traversal-hQh24tmk du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-escalation-Jhqs5Skf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-webex-vdi-qQrpBwuJ du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-vdi-qQrpBwuJ"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vepegr-4xynYLUj du 04 novembre 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vepeshlg-tJghOQcA du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepeshlg-tJghOQcA"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vmanage-escalation-Jhqs5Skf du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-escalation-Jhqs5Skf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vsoln-arbfile-gtsEYxns du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vepescm-BjgQm4vJ du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepescm-BjgQm4vJ"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-webex-nbr-NOS6FQ24 du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-nbr-NOS6FQ24"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-anyconnect-ipc-KfQO9QhK du 04 novembre 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2 du 04 novembre 2020",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-voip-phone-flood-dos-YnU9EXOv du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-vepestd-8C3J9Vc du 04 novembre 2020",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepestd-8C3J9Vc"
}
]
}
FKIE_CVE-2020-3284
Vulnerability from fkie_nvd - Published: 2020-11-06 19:15 - Updated: 2024-11-21 05:30
Severity ?
Summary
A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | a9k-rsp880-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a9k-rsp880-se | - | |
| cisco | a9k-rsp880-tr_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a9k-rsp880-tr | - | |
| cisco | a99-rp2-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a99-rp2-se | - | |
| cisco | a99-rp2-tr_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a99-rp2-tr | - | |
| cisco | a99-rsp-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a99-rsp-se | - | |
| cisco | a99-rsp-tr_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a99-rsp-tr | - | |
| cisco | a9k-rsp880-lt-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a9k-rsp880-lt-se | - | |
| cisco | a9k-rsp880-lt-tr_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a9k-rsp880-lt-tr | - | |
| cisco | asr-9901-rp_firmware | * | |
| cisco | ios_xr | * | |
| cisco | asr-9901-rp | - | |
| cisco | a99-rp3-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a99-rp3-se | - | |
| cisco | a99-rp3-tr_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a99-rp3-tr | - | |
| cisco | a9k-rsp5-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a9k-rsp5-se | - | |
| cisco | a9k-rsp5-tr_firmware | * | |
| cisco | ios_xr | * | |
| cisco | a9k-rsp5-tr | - | |
| cisco | ncs1001_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs1001 | - | |
| cisco | ncs1002_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs1002 | - | |
| cisco | ncs1004_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs1004 | - | |
| cisco | n540-12z20g-sys-a\/d_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n540-12z20g-sys-a\/d | - | |
| cisco | n540-24z8q2c-m_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n540-24z8q2c-m | - | |
| cisco | n540-28z4c-sys-a\/d_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n540-28z4c-sys-a\/d | - | |
| cisco | n540-acc-sys_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n540-acc-sys | - | |
| cisco | n540x-16z4g8q2c-a\/d_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n540x-16z4g8q2c-a\/d | - | |
| cisco | n540x-12z16g-sys-a\/d_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n540x-12z16g-sys-a\/d | - | |
| cisco | n560-4-sys_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n560-4-sys | - | |
| cisco | n560-7-sys_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n560-7-sys | - | |
| cisco | n560-4-sys_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n560-4-sys | - | |
| cisco | n560-7-sys_firmware | * | |
| cisco | ios_xr | * | |
| cisco | n560-7-sys | - | |
| cisco | ncs5001_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs5001 | - | |
| cisco | ncs5002_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs5002 | - | |
| cisco | ncs5011_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs5011 | - | |
| cisco | nc55-rp_firmware | * | |
| cisco | ios_xr | * | |
| cisco | nc55-rp | - | |
| cisco | nc55-rp-e_firmware | * | |
| cisco | ios_xr | * | |
| cisco | nc55-rp-e | - | |
| cisco | ncs-5501_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-5501 | - | |
| cisco | ncs-5501-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-5501-se | - | |
| cisco | ncs-5502_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-5502 | - | |
| cisco | ncs-5502-se_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-5502-se | - | |
| cisco | ncs-55a2-mod-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a2-mod-s | - | |
| cisco | ncs-55a2-mod-hd-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a2-mod-hd-s | - | |
| cisco | ncs-55a2-mod-hx-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a2-mod-hx-s | - | |
| cisco | ncs-55a2-mod-se-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a2-mod-se-s | - | |
| cisco | ncs-55a2-mod-se-h-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a2-mod-se-h-s | - | |
| cisco | ncs-55a1-36h-se-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a1-36h-se-s | - | |
| cisco | ncs-55a1-36h-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a1-36h-s | - | |
| cisco | ncs-55a1-24h_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a1-24h | - | |
| cisco | ncs55-a1-48q6h_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs55-a1-48q6h | - | |
| cisco | ncs-55a1-24q6h-s_firmware | * | |
| cisco | ios_xr | * | |
| cisco | ncs-55a1-24q6h-s | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a9k-rsp880-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDBFB13-DF54-4689-9E35-2E47B2192A97",
"versionEndExcluding": "10.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp880-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF3547E-D324-4C13-BB0C-1039E2BA89E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a9k-rsp880-tr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30BC8C36-E478-47DA-9702-55B8723F2CEC",
"versionEndExcluding": "10.65",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp880-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4E2635-1653-4B13-8E57-0AD504C9AE0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a99-rp2-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70CE0BF5-C3CD-44A5-A55F-E3933258AEFF",
"versionEndExcluding": "14.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a99-rp2-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CBB4E81-D5CB-40A7-B520-561DD59043DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a99-rp2-tr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEA23E2-FB12-4D55-BA67-5048EEBE3F4F",
"versionEndExcluding": "14.35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a99-rp2-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA9DB189-45B5-458A-8A2F-F0D9DC225385",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a99-rsp-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC7E9FA-9532-4118-9F25-FDC40A36F54C",
"versionEndExcluding": "16.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a99-rsp-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21D7F134-49A8-4D8D-9C04-511F9101F337",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a99-rsp-tr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7258FF33-4D04-4C2C-A6FC-8A67FA3170BF",
"versionEndExcluding": "16.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a99-rsp-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E74A7A45-D7A2-4C8F-B044-AA64C551FC9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a9k-rsp880-lt-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DCF563A-91B7-4A91-9878-C5BA174BD99A",
"versionEndExcluding": "17.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp880-lt-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B896EA4A-0E16-423A-9853-3C8122924D02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a9k-rsp880-lt-tr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "538BBBFC-9D8F-4CA0-8D73-489BD7A093CF",
"versionEndExcluding": "17.34",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp880-lt-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13A9ABED-F7A0-4B5E-B60A-364E0F658B2E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asr-9901-rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "125FD6E5-4182-4C4C-806F-745068EB9513",
"versionEndExcluding": "22.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr-9901-rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE36709F-DCF2-428F-8746-9C5096182E87",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a99-rp3-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "76D9F533-8EF1-495E-9C60-BADDAAFB5688",
"versionEndExcluding": "30.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a99-rp3-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F393681D-7EC1-46D5-BAFB-786528E259B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a99-rp3-tr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14706D87-7762-4D04-B685-4673EDC41890",
"versionEndExcluding": "30.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a99-rp3-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE8CE5B-09CF-4138-9495-7223FFA64443",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a9k-rsp5-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4C0E94-0BA0-462B-A5E2-92B22C8C8240",
"versionEndExcluding": "31.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp5-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "326F9936-57E7-4E8F-9C51-093788454A3A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:a9k-rsp5-tr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EA656810-6E25-44CC-B184-E95C43B01B02",
"versionEndExcluding": "31.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:a9k-rsp5-tr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "884F1D0A-8A6F-45E4-9AC7-A8603AB8AE4E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs1001_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9990ECBC-58E3-4D99-80A2-B23FFF01341F",
"versionEndExcluding": "14.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs1001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28C2C545-C591-4960-9DEF-38B0474C0AC7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs1002_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B91BC2-2154-4CE8-9C64-6984B898BD61",
"versionEndExcluding": "14.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs1002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE1E3721-F2CB-41C3-BB0F-3B130B2B7BEA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs1004_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA5FB9F-E8BC-407F-A400-DF394D53289E",
"versionEndExcluding": "14.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs1004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F8DE3D-0901-419E-8CCF-C821E66A9773",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n540-12z20g-sys-a\\/d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F4F2D58-DB8B-49EA-9D4E-39B6E9762262",
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEE27AF-9402-4DFA-B1CF-E51972485918",
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n540-12z20g-sys-a\\/d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EDA9608-1826-4558-AFC3-C1B480CD5B5F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n540-24z8q2c-m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E28CDF66-98EE-4814-8E8D-88B42BF2D39C",
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n540-24z8q2c-m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D99BD3-20FA-4202-83ED-046CC79A4CAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n540-28z4c-sys-a\\/d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCD70F2-F639-4411-8B16-404195B8F546",
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n540-28z4c-sys-a\\/d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BAFB4C0-D974-40C6-9B95-59D502AAB980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n540-acc-sys_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7D6F3C1-A016-4BC2-84BD-BFBC2292DDF1",
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n540-acc-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1727912A-9D84-4E9A-904A-2909B3B0D97E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n540x-16z4g8q2c-a\\/d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21CE983F-7565-4A08-A0FC-35962E4A567F",
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n540x-16z4g8q2c-a\\/d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B723C859-29F5-44B2-9844-577A48A65E03",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n540x-12z16g-sys-a\\/d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18189728-A587-4ED4-AD98-7CD6B10C90E4",
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CED75685-A63C-4550-9820-769058BEF572",
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n540x-12z16g-sys-a\\/d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86BA75BB-AF9D-41E3-9298-F1C3A541B06A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n560-4-sys_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99EC601E-F56C-4A73-9867-543E0B5A57F5",
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFC058-2750-4A6F-B321-DF159214FCA5",
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n560-4-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51D2FD1C-F1C3-4EAE-AE6E-436558F64B89",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n560-7-sys_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB20CAD-BEEB-4795-BD03-626145206E6F",
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00AFC058-2750-4A6F-B321-DF159214FCA5",
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n560-7-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E36FBD-12D7-459F-870F-E0F78460F354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n560-4-sys_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99EC601E-F56C-4A73-9867-543E0B5A57F5",
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n560-4-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51D2FD1C-F1C3-4EAE-AE6E-436558F64B89",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:n560-7-sys_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AB20CAD-BEEB-4795-BD03-626145206E6F",
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:n560-7-sys:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17E36FBD-12D7-459F-870F-E0F78460F354",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs5001_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36D31052-9774-4E53-B423-EB1DEEDB639E",
"versionEndExcluding": "1.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEE27AF-9402-4DFA-B1CF-E51972485918",
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs5001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0125AFD3-8EB6-4431-9ADB-87C4387B8DDF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs5002_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BEF787F-6354-4624-B76C-A632E0DB028D",
"versionEndExcluding": "1.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEE27AF-9402-4DFA-B1CF-E51972485918",
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs5002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1A6B310-2DF0-485E-825F-CBCEBB1BFFCF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs5011_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "733F26A6-B928-4A10-9C7C-95707C5519AF",
"versionEndExcluding": "1.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9EEE27AF-9402-4DFA-B1CF-E51972485918",
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs5011:-:*:*:*:*:*:*:*",
"matchCriteriaId": "958A8725-23BC-459E-91E4-CCDEB49206C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nc55-rp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "780AEF85-6223-463F-93EC-CF784F538694",
"versionEndExcluding": "9.30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nc55-rp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF712093-227B-4C09-A4D7-CD8359BBC740",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:nc55-rp-e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F989B90-6955-42C0-9612-B5541C8EF207",
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:nc55-rp-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52A184BC-EC19-410B-AF7B-4C84BB0078FE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-5501_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E20EFB74-E3C7-4AC7-B01A-78EEC7C6BFC8",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A3D550E-72F5-4562-9286-09C50D8E47BF",
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-5501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7617BA24-6474-49CF-B78D-0056D3F8385B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-5501-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4ACEF44C-744D-4C38-9A78-95F7CE23D4FF",
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-5501-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3DCE7D6-0E78-4CF3-BF7A-6A4945ADD4F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-5502_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A454B9B0-7BE5-43DC-8B8C-8D60B329FDCF",
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-5502:-:*:*:*:*:*:*:*",
"matchCriteriaId": "344675F6-9045-492D-9577-E0CE333AD6E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-5502-se_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83282391-F848-47CF-9042-7FB7FCBAB674",
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-5502-se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7F2221-B5BE-408C-BA84-9776469EE2D5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a2-mod-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66D87D8E-DE4D-4A9E-836F-DE6D4DF998A9",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C33F0D81-1314-440B-9FC2-56D76CA4CD79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a2-mod-hd-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8A3FD0-139C-42B5-8251-3B2AA5FE43F4",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-hd-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A95FEA95-703B-44E0-A7CA-9E38B2EB1980",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a2-mod-hx-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2079A71E-8D69-4D05-BEE4-0A3E8C96367C",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-hx-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D37BF94-9D5F-4A88-8115-3A88FF144845",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a2-mod-se-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF8E16-9A21-4926-913A-2CFAF249FA6F",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7A32F4-DAFC-4FC9-9941-C13E635DA6D1",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-se-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15AE071E-0CEF-4305-A92D-9F4C324BD4ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a2-mod-se-h-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4EF65B-B167-4A9F-879D-3CD5ECFFEBE4",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a2-mod-se-h-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E50806D-115D-4903-A5B2-62654FFDD9F5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a1-36h-se-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B41FC0C-19F4-4A36-B5E8-C76BC13FFE6E",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a1-36h-se-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14E948CF-9891-4AC8-8734-9C121B611722",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a1-36h-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93A1889A-D692-4CB1-8A8F-9314C66B453B",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a1-36h-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF08FAF-67DD-4361-947A-40D5938DB8BA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a1-24h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AEF4C6-2D65-43E7-BA7E-8C30CDFFF472",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a1-24h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8D61548-61B4-4B53-8574-9DB92B00A627",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs55-a1-48q6h_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35D735C-DD0A-4C05-80FB-7122552FE9BC",
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs55-a1-48q6h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3588C801-DA67-425E-9B97-AA2335F85BAD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ncs-55a1-24q6h-s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D57A9DE-FE0A-488E-868B-FCF4C7FDBC89",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB1D9CB-0063-4E75-96E4-B476B2A63238",
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ncs-55a1-24q6h-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74C8E3C6-282B-4394-A077-DF8694F7E55D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el cargador de arranque mejorado Preboot eXecution Environment (PXE) para Cisco IOS XR 64-bit Software, podr\u00eda permitir a un atacante remoto no autenticado ejecutar c\u00f3digo sin firmar durante el proceso de arranque de PXE en un dispositivo afectado.\u0026#xa0;El cargador de arranque PXE es parte del BIOS y se ejecuta en la interfaz de administraci\u00f3n de las plataformas de hardware que se ejecutan en Cisco IOS XR Software \u00fanicamente.\u0026#xa0;La vulnerabilidad se presenta porque los comandos internos que son emitidos cuando el proceso de inicio de red de PXE est\u00e1 cargando una imagen de software no es verificada apropiadamente.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al comprometer el servidor de arranque PXE y reemplazando una imagen de software v\u00e1lida por una maliciosa.\u0026#xa0;Alternativamente, el atacante podr\u00eda hacerse pasar por el servidor de arranque PXE y enviar una respuesta de arranque PXE con un archivo malicioso.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo sin firmar en el dispositivo afectado.\u0026#xa0;Nota: Para corregir esta vulnerabilidad, tanto el Cisco IOS XR Software como el BIOS deben ser actualizados.\u0026#xa0;El c\u00f3digo del BIOS est\u00e1 incluido en el Cisco IOS XR Software, pero puede requerir pasos de instalaci\u00f3n adicionales.\u0026#xa0;Para obtener m\u00e1s informaci\u00f3n, consulte la secci\u00f3n Fixed Software de este aviso"
}
],
"id": "CVE-2020-3284",
"lastModified": "2024-11-21T05:30:43.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-06T19:15:14.267",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2020-3284
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-3284",
"description": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.",
"id": "GSD-2020-3284"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-3284"
],
"details": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory.",
"id": "GSD-2020-3284",
"modified": "2023-12-13T01:22:09.974216Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-11-04T16:00:00",
"ID": "CVE-2020-3284",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XR Software ",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H ",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
]
},
"source": {
"advisory": "cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2",
"defect": [
[
"CSCvi82550",
"CSCvq23340",
"CSCvq31064",
"CSCvu31574"
]
],
"discovery": "INTERNAL"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a9k-rsp880-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.65",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a9k-rsp880-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a9k-rsp880-tr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.65",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a9k-rsp880-tr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a99-rp2-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a99-rp2-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a99-rp2-tr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.35",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a99-rp2-tr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a99-rsp-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a99-rsp-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a99-rsp-tr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "16.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a99-rsp-tr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a9k-rsp880-lt-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.34",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a9k-rsp880-lt-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a9k-rsp880-lt-tr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.34",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a9k-rsp880-lt-tr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:asr-9901-rp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "22.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:asr-9901-rp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a99-rp3-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "30.23",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a99-rp3-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a99-rp3-tr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "30.23",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a99-rp3-tr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a9k-rsp5-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "31.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a9k-rsp5-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:a9k-rsp5-tr_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "31.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:a9k-rsp5-tr:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs1001_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.60",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs1001:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs1002_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.60",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs1002:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs1004_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14.60",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs1004:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n540-12z20g-sys-a\\/d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n540-12z20g-sys-a\\/d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n540-24z8q2c-m_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n540-24z8q2c-m:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n540-28z4c-sys-a\\/d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n540-28z4c-sys-a\\/d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n540-acc-sys_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n540-acc-sys:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n540x-16z4g8q2c-a\\/d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n540x-16z4g8q2c-a\\/d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n540x-12z16g-sys-a\\/d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n540x-12z16g-sys-a\\/d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n560-4-sys_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n560-4-sys:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n560-7-sys_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.0.2",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n560-7-sys:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n560-4-sys_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n560-4-sys:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:n560-7-sys_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:n560-7-sys:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs5001_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.13",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs5001:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs5002_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.13",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs5002:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs5011_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.14",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.2.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs5011:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:nc55-rp_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.30",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:nc55-rp:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:nc55-rp-e_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:nc55-rp-e:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-5501_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-5501:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-5501-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-5501-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-5502_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-5502:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-5502-se_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.21",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-5502-se:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a2-mod-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a2-mod-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a2-mod-hd-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a2-mod-hd-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a2-mod-hx-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a2-mod-hx-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a2-mod-se-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a2-mod-se-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a2-mod-se-h-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a2-mod-se-h-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a1-36h-se-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a1-36h-se-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a1-36h-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a1-36h-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a1-24h_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a1-24h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs55-a1-48q6h_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.12",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs55-a1-48q6h:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ncs-55a1-24q6h-s_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.6.25",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ncs-55a1-24q6h-s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2020-3284"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a software image are not properly verified. An attacker could exploit this vulnerability by compromising the PXE boot server and replacing a valid software image with a malicious one. Alternatively, the attacker could impersonate the PXE boot server and send a PXE boot reply with a malicious file. A successful exploit could allow the attacker to execute unsigned code on the affected device. Note: To fix this vulnerability, both the Cisco IOS XR Software and the BIOS must be upgraded. The BIOS code is included in Cisco IOS XR Software but might require additional installation steps. For further information, see the Fixed Software section of this advisory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201104 Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability",
"refsource": "CISCO",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-01-05T18:56Z",
"publishedDate": "2020-11-06T19:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…