Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Image Verification Vulnerabilities
Vulnerability Description
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
密码学签名的验证不恰当
Vulnerability Title
多款Cisco产品数据伪造问题漏洞
Vulnerability Description
Cisco 8000 Series Router和Cisco Network Convergence System 540 Series Routers都是美国Cisco公司的一款路由器设备。 多款 Cisco 路由器的 Cisco IOS XR 存在数据伪造问题漏洞。该漏洞是由于ISO中未签名的脚本导致的,该脚本在系统升级之前未经执行便已验证。要利用此漏洞,攻击者可以修改ISO映像,然后使用该映像以经过身份验证的管理员身份进行升级,或者将该映像放置在文件服务器上,毫无疑问的管理员可以在升级设备时使用该映
CVSS Information
N/A
Vulnerability Type
N/A