We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2021-34771

Cisco IOS XR Software Unauthorized Information Disclosure Vulnerability



Description

A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their privileges allow. This vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by running a specific command. A successful exploit could allow the attacker to view sensitive configuration information that their privileges might not otherwise allow them to access.

Reserved 2021-06-15 | Published 2021-09-09 | Updated 2024-11-07 | Assigner cisco


MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-201

Product status

Any version
affected

References

tools.cisco.com/...Advisory/cisco-sa-iosxr-infodisc-CjLdGMc5 (20210908 Cisco IOS XR Software Unauthorized Information Disclosure Vulnerability) vendor-advisory

cve.org (CVE-2021-34771)

nvd.nist.gov (CVE-2021-34771)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2021-34771

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.