Описание
Уязвимость командного синтаксического анализатора CLI операционных системы Cisco IOS и Cisco IOS XE связана с ошибками при обработке входных данных. Эксплуатация уязвимости может позволить нарушителю получить доступ к защищаемой информации
Вендор
Cisco Systems Inc.
Наименование ПО
Cisco IOS
Cisco IOS XE
Версия ПО
12.4 (Cisco IOS)
15.3s (Cisco IOS)
16.1 (Cisco IOS XE)
16.2 (Cisco IOS XE)
3.9S (Cisco IOS XE)
3.2SE (Cisco IOS XE)
3.3XO (Cisco IOS XE)
16.3 (Cisco IOS XE)
3.7E (Cisco IOS XE)
3.8E (Cisco IOS XE)
3.9E (Cisco IOS XE)
3.10S (Cisco IOS XE)
3.15S (Cisco IOS XE)
3.16S (Cisco IOS XE)
3.17S (Cisco IOS XE)
3.2SG (Cisco IOS XE)
3.7S (Cisco IOS XE)
3.3SG (Cisco IOS XE)
3.8S (Cisco IOS XE)
3.3SE (Cisco IOS XE)
3.4SG (Cisco IOS XE)
3.5E (Cisco IOS XE)
3.11S (Cisco IOS XE)
3.12S (Cisco IOS XE)
3.13S (Cisco IOS XE)
3.6E (Cisco IOS XE)
3.14S (Cisco IOS XE)
3.3SQ (Cisco IOS XE)
3.4SQ (Cisco IOS XE)
3.5SQ (Cisco IOS XE)
3.18S (Cisco IOS XE)
3.18SP (Cisco IOS XE)
3.10E (Cisco IOS XE)
12.2ZI (Cisco IOS)
12.2EZ (Cisco IOS)
12.2SB (Cisco IOS)
12.4MD (Cisco IOS)
12.2SRC (Cisco IOS)
12.2SRD (Cisco IOS)
12.2SXI (Cisco IOS)
12.4JY (Cisco IOS)
12.2SRE (Cisco IOS)
15.0S (Cisco IOS)
15.2S (Cisco IOS)
15.0EY (Cisco IOS)
12.2ZZ (Cisco IOS)
15.1S (Cisco IOS)
15.0SY (Cisco IOS)
12.2SXJ (Cisco IOS)
12.2SCF (Cisco IOS)
12.2SCE (Cisco IOS)
15.0SG (Cisco IOS)
15.0EX (Cisco IOS)
12.2SCG (Cisco IOS)
15.1SY (Cisco IOS)
12.2SCH (Cisco IOS)
15.4S (Cisco IOS)
15.2SC (Cisco IOS)
15.2SY (Cisco IOS)
15.5S (Cisco IOS)
12.2SCI (Cisco IOS)
15.3SY (Cisco IOS)
12.2SCJ (Cisco IOS)
15.6SP (Cisco IOS)
15.4SY (Cisco IOS)
15.5SY (Cisco IOS)
15.0XA (Cisco IOS)
15.1T (Cisco IOS)
15.1XB (Cisco IOS)
15.1M (Cisco IOS)
15.1GC (Cisco IOS)
15.0MR (Cisco IOS)
15.1MRA (Cisco IOS)
15.1SVB (Cisco IOS)
15.1SVD (Cisco IOS)
15.1SVF (Cisco IOS)
15.1SVE (Cisco IOS)
15.2SD (Cisco IOS)
15.1SVG (Cisco IOS)
15.4SN (Cisco IOS)
15.1SVH (Cisco IOS)
15.5SN (Cisco IOS)
15.6S (Cisco IOS)
15.1SVI (Cisco IOS)
15.6SN (Cisco IOS)
15.1SVJ (Cisco IOS)
15.3JF (Cisco IOS)
15.1SG (Cisco IOS)
15.2E (Cisco IOS)
16.12 (Cisco IOS XE)
12.2SE (Cisco IOS)
12.2EX (Cisco IOS)
12.2EY (Cisco IOS)
12.4MR (Cisco IOS)
12.4T (Cisco IOS)
12.2SG (Cisco IOS)
12.4XZ (Cisco IOS)
12.4XR (Cisco IOS)
12.2XO (Cisco IOS)
12.4MDA (Cisco IOS)
12.4YG (Cisco IOS)
15.0M (Cisco IOS)
15.0XO (Cisco IOS)
12.4MRB (Cisco IOS)
12.2WO (Cisco IOS)
15.0SE (Cisco IOS)
12.4MDB (Cisco IOS)
15.0EZ (Cisco IOS)
12.4YS (Cisco IOS)
15.2EY (Cisco IOS)
15.0EJ (Cisco IOS)
15.2EX (Cisco IOS)
15.0EK (Cisco IOS)
15.2EB (Cisco IOS)
15.2EA (Cisco IOS)
15.0SQD (Cisco IOS)
15.2EC (Cisco IOS)
12.2I (Cisco IOS)
15.1SVS (Cisco IOS)
3.11E (Cisco IOS XE)
15.3JK (Cisco IOS)
15.1SVR (Cisco IOS)
12.2CX (Cisco IOS)
12.2CY (Cisco IOS)
12.4JA (Cisco IOS)
12.4XQ (Cisco IOS)
12.4JX (Cisco IOS)
12.2MRA (Cisco IOS)
12.2MRB (Cisco IOS)
12.4JHA (Cisco IOS)
12.4M (Cisco IOS)
12.4JHC (Cisco IOS)
12.4JAX (Cisco IOS)
12.4JAZ (Cisco IOS)
12.4JB (Cisco IOS)
12.4JAL (Cisco IOS)
12.4JAM (Cisco IOS)
12.4JAO (Cisco IOS)
12.4JAP (Cisco IOS)
Тип ПО
Операционная система
Операционные системы и аппаратные платформы
Cisco Systems Inc. Cisco IOS 12.4
Cisco Systems Inc. Cisco IOS 15.3s
Cisco Systems Inc. Cisco IOS XE 16.1
Cisco Systems Inc. Cisco IOS XE 16.2
Cisco Systems Inc. Cisco IOS XE 3.9S
Cisco Systems Inc. Cisco IOS XE 3.2SE
Cisco Systems Inc. Cisco IOS XE 3.3XO
Cisco Systems Inc. Cisco IOS XE 16.3
Cisco Systems Inc. Cisco IOS XE 3.7E
Cisco Systems Inc. Cisco IOS XE 3.8E
Cisco Systems Inc. Cisco IOS XE 3.9E
Cisco Systems Inc. Cisco IOS XE 3.10S
Cisco Systems Inc. Cisco IOS XE 3.15S
Cisco Systems Inc. Cisco IOS XE 3.16S
Cisco Systems Inc. Cisco IOS XE 3.17S
Cisco Systems Inc. Cisco IOS XE 3.2SG
Cisco Systems Inc. Cisco IOS XE 3.7S
Cisco Systems Inc. Cisco IOS XE 3.3SG
Cisco Systems Inc. Cisco IOS XE 3.8S
Cisco Systems Inc. Cisco IOS XE 3.3SE
Cisco Systems Inc. Cisco IOS XE 3.4SG
Cisco Systems Inc. Cisco IOS XE 3.5E
Cisco Systems Inc. Cisco IOS XE 3.11S
Cisco Systems Inc. Cisco IOS XE 3.12S
Cisco Systems Inc. Cisco IOS XE 3.13S
Cisco Systems Inc. Cisco IOS XE 3.6E
Cisco Systems Inc. Cisco IOS XE 3.14S
Cisco Systems Inc. Cisco IOS XE 3.3SQ
Cisco Systems Inc. Cisco IOS XE 3.4SQ
Cisco Systems Inc. Cisco IOS XE 3.5SQ
Cisco Systems Inc. Cisco IOS XE 3.18S
Cisco Systems Inc. Cisco IOS XE 3.18SP
Cisco Systems Inc. Cisco IOS XE 3.10E
Cisco Systems Inc. Cisco IOS 12.2ZI
Cisco Systems Inc. Cisco IOS 12.2EZ
Cisco Systems Inc. Cisco IOS 12.2SB
Cisco Systems Inc. Cisco IOS 12.4MD
Cisco Systems Inc. Cisco IOS 12.2SRC
Cisco Systems Inc. Cisco IOS 12.2SRD
Cisco Systems Inc. Cisco IOS 12.2SXI
Cisco Systems Inc. Cisco IOS 12.4JY
Cisco Systems Inc. Cisco IOS 12.2SRE
Cisco Systems Inc. Cisco IOS 15.0S
Cisco Systems Inc. Cisco IOS 15.2S
Cisco Systems Inc. Cisco IOS 15.0EY
Cisco Systems Inc. Cisco IOS 12.2ZZ
Cisco Systems Inc. Cisco IOS 15.1S
Cisco Systems Inc. Cisco IOS 15.0SY
Cisco Systems Inc. Cisco IOS 12.2SXJ
Cisco Systems Inc. Cisco IOS 12.2SCF
Cisco Systems Inc. Cisco IOS 12.2SCE
Cisco Systems Inc. Cisco IOS 15.0SG
Cisco Systems Inc. Cisco IOS 15.0EX
Cisco Systems Inc. Cisco IOS 12.2SCG
Cisco Systems Inc. Cisco IOS 15.1SY
Cisco Systems Inc. Cisco IOS 12.2SCH
Cisco Systems Inc. Cisco IOS 15.4S
Cisco Systems Inc. Cisco IOS 15.2SC
Cisco Systems Inc. Cisco IOS 15.2SY
Cisco Systems Inc. Cisco IOS 15.5S
Cisco Systems Inc. Cisco IOS 12.2SCI
Cisco Systems Inc. Cisco IOS 15.3SY
Cisco Systems Inc. Cisco IOS 12.2SCJ
Cisco Systems Inc. Cisco IOS 15.6SP
Cisco Systems Inc. Cisco IOS 15.4SY
Cisco Systems Inc. Cisco IOS 15.5SY
Cisco Systems Inc. Cisco IOS 15.0XA
Cisco Systems Inc. Cisco IOS 15.1T
Cisco Systems Inc. Cisco IOS 15.1XB
Cisco Systems Inc. Cisco IOS 15.1M
Cisco Systems Inc. Cisco IOS 15.1GC
Cisco Systems Inc. Cisco IOS 15.0MR
Cisco Systems Inc. Cisco IOS 15.1MRA
Cisco Systems Inc. Cisco IOS 15.1SVB
Cisco Systems Inc. Cisco IOS 15.1SVD
Cisco Systems Inc. Cisco IOS 15.1SVF
Cisco Systems Inc. Cisco IOS 15.1SVE
Cisco Systems Inc. Cisco IOS 15.2SD
Cisco Systems Inc. Cisco IOS 15.1SVG
Cisco Systems Inc. Cisco IOS 15.4SN
Cisco Systems Inc. Cisco IOS 15.1SVH
Cisco Systems Inc. Cisco IOS 15.5SN
Cisco Systems Inc. Cisco IOS 15.6S
Cisco Systems Inc. Cisco IOS 15.1SVI
Cisco Systems Inc. Cisco IOS 15.6SN
Cisco Systems Inc. Cisco IOS 15.1SVJ
Cisco Systems Inc. Cisco IOS 15.3JF
Cisco Systems Inc. Cisco IOS 15.1SG
Cisco Systems Inc. Cisco IOS 15.2E
Cisco Systems Inc. Cisco IOS XE 16.12
Cisco Systems Inc. Cisco IOS 12.2SE
Cisco Systems Inc. Cisco IOS 12.2EX
Cisco Systems Inc. Cisco IOS 12.2EY
Cisco Systems Inc. Cisco IOS 12.4MR
Cisco Systems Inc. Cisco IOS 12.4T
Cisco Systems Inc. Cisco IOS 12.2SG
Cisco Systems Inc. Cisco IOS 12.4XZ
Cisco Systems Inc. Cisco IOS 12.4XR
Cisco Systems Inc. Cisco IOS 12.2XO
Cisco Systems Inc. Cisco IOS 12.4MDA
Cisco Systems Inc. Cisco IOS 12.4YG
Cisco Systems Inc. Cisco IOS 15.0M
Cisco Systems Inc. Cisco IOS 15.0XO
Cisco Systems Inc. Cisco IOS 12.4MRB
Cisco Systems Inc. Cisco IOS 12.2WO
Cisco Systems Inc. Cisco IOS 15.0SE
Cisco Systems Inc. Cisco IOS 12.4MDB
Cisco Systems Inc. Cisco IOS 15.0EZ
Cisco Systems Inc. Cisco IOS 12.4YS
Cisco Systems Inc. Cisco IOS 15.2EY
Cisco Systems Inc. Cisco IOS 15.0EJ
Cisco Systems Inc. Cisco IOS 15.2EX
Cisco Systems Inc. Cisco IOS 15.0EK
Cisco Systems Inc. Cisco IOS 15.2EB
Cisco Systems Inc. Cisco IOS 15.2EA
Cisco Systems Inc. Cisco IOS 15.0SQD
Cisco Systems Inc. Cisco IOS 15.2EC
Cisco Systems Inc. Cisco IOS 12.2I
Cisco Systems Inc. Cisco IOS 15.1SVS
Cisco Systems Inc. Cisco IOS XE 3.11E
Cisco Systems Inc. Cisco IOS 15.3JK
Cisco Systems Inc. Cisco IOS 15.1SVR
Cisco Systems Inc. Cisco IOS 12.2CX
Cisco Systems Inc. Cisco IOS 12.2CY
Cisco Systems Inc. Cisco IOS 12.4JA
Cisco Systems Inc. Cisco IOS 12.4XQ
Cisco Systems Inc. Cisco IOS 12.4JX
Cisco Systems Inc. Cisco IOS 12.2MRA
Cisco Systems Inc. Cisco IOS 12.2MRB
Cisco Systems Inc. Cisco IOS 12.4JHA
Cisco Systems Inc. Cisco IOS 12.4M
Cisco Systems Inc. Cisco IOS 12.4JHC
Cisco Systems Inc. Cisco IOS 12.4JAX
Cisco Systems Inc. Cisco IOS 12.4JAZ
Cisco Systems Inc. Cisco IOS 12.4JB
Cisco Systems Inc. Cisco IOS 12.4JAL
Cisco Systems Inc. Cisco IOS 12.4JAM
Cisco Systems Inc. Cisco IOS 12.4JAO
Cisco Systems Inc. Cisco IOS 12.4JAP
Уровень опасности уязвимости
Средний уровень опасности (базовая оценка CVSS 2.0 составляет 4,6)
Средний уровень опасности (базовая оценка CVSS 3.0 составляет 5,5)
Возможные меры по устранению уязвимости
Использование рекомендаций:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-info-disclosure-V4BmJBNF
Статус уязвимости
Подтверждена производителем
Наличие эксплойта
Данные уточняются
Информация об устранении
Уязвимость устранена
Идентификаторы других систем описаний уязвимостей
- CVE
EPSS
Процентиль: 15%
0.0005
Низкий
5.5 Medium
CVSS3
4.6 Medium
CVSS2
Связанные уязвимости
CVSS3: 5.5
nvd
больше 5 лет назад
A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible.
github
больше 3 лет назад
A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible.
EPSS
Процентиль: 15%
0.0005
Низкий
5.5 Medium
CVSS3
4.6 Medium
CVSS2