Описание
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.
Уязвимые конфигурации
Одно из
EPSS
6.8 Medium
CVSS3
6.8 Medium
CVSS3
7.2 High
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device.
Уязвимость программного обеспечения Cisco IOS XE SD-WAN, связанная с недостатками аутентификации, позволяющая нарушителю получить полный контроль над устройством
EPSS
6.8 Medium
CVSS3
6.8 Medium
CVSS3
7.2 High
CVSS2