CVE-2021-34709

CVE Database · CVE-2021-34709

CVE-2021-34709

· MEDIUMModified

CVSS v3.1

6.0

EPSS

0.15%

Published

Sep 9, 2021

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Weaknesses (CWE)

CWE-347CWE-347

Affected Products (25)

cisco · ios_xr (up to 7.3.2)vulnerable

cisco · 8101-32fh

cisco · 8101-32h

cisco · 8102-64h

cisco · 8201

cisco · 8201-32fh

cisco · 8202

cisco · 8800_12-slot

cisco · 8800_18-slot

cisco · 8800_4-slot

cisco · 8800_8-slot

cisco · ios_xr (up to 7.3.2)vulnerable

cisco · ios_xr

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-QN9mCzwn

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-QN9mCzwn

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs