Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities
Vulnerability Description
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Cisco IOS XR 操作系统命令注入漏洞
Vulnerability Description
Cisco IOS XR是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XR软件CLI存在操作系统命令注入漏洞,该漏洞源于对用户提供的命令输入验证不足。攻击者可利用该漏洞通过在提示符处使用精心编制的命令来提升受影响设备上的权限
CVSS Information
N/A
Vulnerability Type
N/A