CVE-2024-20343

Published Sep 11, 2024
Last updated a month ago
CVSS medium 5.5
Overview

Description: A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the arguments that are passed to a specific CLI command. An attacker could exploit this vulnerability by logging in to an affected device with low-privileged credentials and using the affected command. A successful exploit could allow the attacker access files in read-only mode on the Linux file system.
Source: ykramarz@cisco.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM
Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
ykramarz@cisco.com: CWE-284
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "D691922C-D683-411D-A26A-7287CA9CEB57"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "D0CB861B-9A6C-49EB-A01F-B6CDA2423F7F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "DBA8D271-075E-414F-A46B-D9E55204AD8B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.15:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "060A41A3-5159-4BA2-B0D6-C0D9D0F1467F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.92:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "AFEC2F32-47D4-4084-BBDD-2E1857C97DD7"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.5.93:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "B80FF231-BE4F-4F49-86C9-C5D7570B5BCB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "1E0737D4-0DC3-4352-BF0F-80F58DED1129"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "7F93BC7E-C573-4DE7-92A0-FD059EEC0ECC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "BA9F52C2-58B2-46DC-86D8-F0FA842C4240"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.4:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "2FCC703B-2521-4CD2-B3AF-5D3D43F748DE"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.11:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "0FCE8A35-54CE-421A-AFEE-E62EECB64900"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.12:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "7803B636-6A85-45FA-83BA-BB5B4ED775A9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "A1149D66-512B-41E0-B465-39C27F466269"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.0:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "8ED826AF-B389-4DB9-96B6-401FDEEDF30D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "60BD40B4-B330-4A20-903B-08F2D99C58C2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "93B9BC0F-FD25-4FF4-81BB-8B02D2F3FF09"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.11:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "C62E9990-2165-40A3-A8D8-3753219DF229"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.12:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "FAD6DC10-B22B-4C14-8031-102827E08CEB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.14:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "1C6F5775-AB85-43A3-A896-14FEF73FB728"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.0.90:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "70D78739-857C-432A-8B5B-BA703D657E7E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "A683A7AD-EB0B-4B80-BB31-FA4379E2D2B2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "6EF6DD05-C434-40E2-B29C-C6827B8259BC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.3:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "E1E836DA-38C1-4B48-8053-D152204B7826"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.15:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "61076700-F1CB-4BDC-A5FA-E6EB4FDC34B2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.1.25:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "C4484642-FB33-4982-B072-F796C4F54391"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.2.0:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "6EA2C9ED-4BD4-4452-B701-02DC32E0874B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.2.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "E4E2B5C4-2845-4D8F-8DD9-F613BB8344A9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.2.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "31599228-CA16-44D1-A9CA-6F67309D2572"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.2.12:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "E6017458-51D2-4293-AE85-43D835048D76"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "8F67EAA7-66BE-49B5-81C5-57567435AEEC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "635F4C04-780A-44BF-BA3E-94F87FCA9196"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.3:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "77372BDA-F12D-4EC0-A063-BAD94EF13937"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.4:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "577395B7-C379-472B-97E5-9AB62F33CEEB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.5:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "DBE537BC-8280-49A4-8930-E20CD13CAAE0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.6:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "BC9C6FBB-1CF0-4D74-B6E8-42A971F6FBDD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.15:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "69DAFDE5-10A7-407D-BB17-AA2FC4853AEC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.16:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "D6B10927-6B87-4B3D-959D-DC30BC8F1457"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.3.27:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "AE1E8739-B769-447E-BACC-6933F06EACA5"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.4.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "79092ED3-7165-4300-89EF-EF3F55752560"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.4.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "8719477E-93EE-4CA4-AB6E-9DB405582F53"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.4.15:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "9DADF777-BD20-4B09-A722-DDA8B2C8400D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.4.16:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "4E9779A8-2075-4D07-A82B-5F380579A222"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "E33D5313-934E-4354-A63E-4F2926F51A68"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "48B64A94-9B16-46B1-931D-ED35839E658D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.3:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "50144FDB-A472-43D5-AF6D-36B940CA40AD"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.4:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "E8D51B99-F62D-4363-8C4B-9BCBB3A25644"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.5:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "EB9D407B-15D6-4A2A-940E-7174F6D2E16C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.12:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "BD32791C-061E-4D74-A059-18EBC809F351"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.5.52:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "6ED2F45C-DE0C-428E-B858-4D1C99AC3533"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.6.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "378D45F1-C4FF-4300-9E61-77CDA2EB985E"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.6.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "6B6D6A73-27F2-45DE-AB60-AF25793E4E6F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.6.15:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "41594E36-13B9-4CD8-8ADD-35D1021D2AF6"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.7.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "EA1C1F2A-0BBE-4BCF-9412-4C6A2F1ED414"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.7.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "02328030-97BA-4F91-B9CA-7A69ECAA1F4B"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.7.21:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "98DBF2D7-6E91-485E-9132-315A3E3E9D08"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.8.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "8437B415-BD94-4BA3-833B-07A8996CDDA9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.8.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "75632E65-4854-441B-AFBA-7482452FD2EB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.8.12:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "BA500CFC-586E-44C1-B9F7-C8562E1E2D32"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.8.22:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "7FF4094B-A136-4832-BDE7-F6EA97A33334"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.9.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "20EBE816-B549-4685-80C0-C5415E6D63B9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.9.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "4439DCF6-FFAD-406D-B558-04E853F5F6EE"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.9.21:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "1A3094EF-016C-440E-B558-BA54EA1ADD50"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.10.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "D413C206-0E63-4DA9-A279-878C55C1EF47"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.10.2:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "25AB0A66-411A-49A1-865E-603085367AFF"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:7.11.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "1457E79B-5411-40A0-A403-FE80C604AFFB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:ios_xr:24.1.1:*:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "B0A42301-2EF2-4893-9367-9E883301C13A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
