Vulnerability identifier: #VU73202
Vulnerability risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Cisco ASR 9000 Series Aggregation Services Routers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco IOS XRv 9000 Router
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Cisco Network Convergence System 540 Series Routers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NCS 1001 Series Routers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NCS 1002 Series Routers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NCS5000
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NCS 5000 Series Routers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NCS 5700 Series Routers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
NCS 6000 Series Routers
Hardware solutions /
Routers & switches, VoIP, GSM, etc
IOS XR White box
Operating systems & Components /
Operating system package or component
NCS560
Hardware solutions /
Firmware
NCS5500
Hardware solutions /
Firmware
Cisco IOS XR
Operating systems & Components /
Operating system
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a local attacker to gain access to potentially sensitive information.
The vulnerability exists due to the inclusion of unnecessary commands within the GRand Unified Bootloader (GRUB). An attacker with physical access can gain unauthorized access to sensitive information on the system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco ASR 9000 Series Aggregation Services Routers: All versions
IOS XR White box: All versions
Cisco IOS XRv 9000 Router: All versions
Cisco Network Convergence System 540 Series Routers: All versions
NCS560: All versions
NCS 1001 Series Routers: All versions
NCS 1002 Series Routers: All versions
NCS5000: All versions
NCS 5000 Series Routers: All versions
NCS5500: All versions
NCS 5700 Series Routers: All versions
NCS 6000 Series Routers: All versions
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.