Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerability
Vulnerability Description
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. The vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker could exploit this vulnerability by first authenticating to the local CLI shell on the device and using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on the device without authorization checks.
CVSS Information
N/A
Vulnerability Type
权限、特权和访问控制
Vulnerability Title
Cisco IOS XR 权限许可和访问控制问题漏洞
Vulnerability Description
Cisco IOS和Cisco IOS XR都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XR存在权限许可和访问控制问题漏洞,该漏洞源于源代码中的命令到任务组的映射不正确造成的,攻击者可借助该漏洞提升权限并获取设备的管理控制权限。
CVSS Information
N/A
Vulnerability Type
N/A