CVE-2023-20064

Published Mar 9, 2023

Last updated a year ago

CVSS medium 4.6

Overview

Description: A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 4.6
Impact score: 3.6
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-862
ykramarz@cisco.com: CWE-862

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8E6CEEB-0908-4884-A51E-000000DE5E92",
            "versionEndExcluding": "7.9.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:asr_9000v-v2:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "FAE7AE4D-73A6-4179-80DA-2219563928E1"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "E9B8E1A6-A438-441D-ADA2-BE2BF837EAA9"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9006:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "BB7DD32E-B22D-4392-B255-5C3F9CD39F3E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "915D9708-E3AC-447A-A67C-815A8E282A42"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9901:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "E7D9C475-6E5D-4AE9-A8D4-5B023C128A46"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9902:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "0FF7BDEE-8351-4CE3-BEAD-42C8767E0BF8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9903:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "A5266F35-6886-4CF1-81DB-25626A0A26A0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9904:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "0FB63566-D9F5-4A36-87E2-AC87ADB9DE6C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9906:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "910A1686-5B13-4D37-9C1F-2F0073D57E5F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9910:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "430F0546-C2E9-41EE-8A8E-1C63945160F3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9912:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "E1D3885B-7BEC-49DA-AE56-0DA18117C9E7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:asr_9922:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "1496BE0A-B0BA-48BC-A476-A85A6D62EA50"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ios_xrv_9000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EEE98C3E-67E2-43A3-AEA9-1575F2B93A78"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_1001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0F6E0FBE-70B7-413C-8943-39BEFE050298"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_1002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "37AE5FB0-D9A6-4EBE-9F7F-243299AE918B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_1004:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "60C9AAF8-4C5B-4EF5-B575-8235F3C54BCC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B25F4932-6940-4934-B110-577417B93948",
            "versionEndExcluding": "7.6.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:nc57-18dd-se:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98728BD8-C11B-413D-8C8A-052661A608AA"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nc57-24dd:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "71B61EB0-E121-4899-9504-269CE4E7E3EB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nc57-36h-se:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6811F99A-F96F-4B26-AF68-DC1A8C3B65E0"
          },
          {
            "criteria": "cpe:2.3:h:cisco:nc57-36h6d-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "560B88A5-3716-43AB-A094-063293EF6509"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BC7AE6C1-B7C6-4056-9719-B5CFF71970AD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_540_fronthaul:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F9C17E4B-1B14-42F2-BCE6-2D5020625382"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5501:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0A972EFE-4F7E-4BFC-8631-66A2D16B74A3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5501-se:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B254955-C485-45D7-A19B-E78CE1D997AD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5502:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F72AEF0-EE70-40F8-B52B-1390820B87BB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5502-se:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "50C7B71A-2559-4E90-BAAA-C6FAAFE35FC3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5508:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "43D21B01-A754-474F-8E46-14D733AB307E"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5516:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "17D6424C-972F-459C-B8F7-04FFD9F541BC"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_560-4:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB01E968-E838-4D3C-B603-BF7E4E0F8A2C"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_560-7:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "08864A59-0840-4407-8D30-9CE34BAF05E7"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "13EEDD1C-25BC-4AFA-AF60-66DE36927528"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5CD3B06B-864E-4A35-B0C3-1654390022D2"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AD1B4F37-5AAA-4F40-8865-226289CB5CEB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "355F78C3-C07F-48C3-9B6E-55714EAA7331"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_57c3-mods-sys:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98F06B5D-6CE8-42C3-8760-89B4EF1FFC21"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3FBC1F6-F523-485A-A466-B6DBA15E6537",
            "versionEndExcluding": "7.7.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5001:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E2A8C028-107B-4410-BCC6-5BCB8DB63603"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5002:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA13FE67-F4AE-46DF-921B-3FB91BDF742B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:ncs_5011:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98622F14-CC47-45E0-85E4-A7243309487C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C15E168-11DA-4219-B689-78BC48935263"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:ncs_6000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "523058BF-DE14-4FAD-8A67-C8CA795032D9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References