CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.2%
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected commands. An exploit could allow the attacker to gain root privileges on the affected device.
[
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.10.0S"
},
{
"status": "affected",
"version": "3.10.1S"
},
{
"status": "affected",
"version": "3.10.2S"
},
{
"status": "affected",
"version": "3.10.3S"
},
{
"status": "affected",
"version": "3.10.4S"
},
{
"status": "affected",
"version": "3.10.5S"
},
{
"status": "affected",
"version": "3.10.6S"
},
{
"status": "affected",
"version": "3.10.2aS"
},
{
"status": "affected",
"version": "3.10.2tS"
},
{
"status": "affected",
"version": "3.10.7S"
},
{
"status": "affected",
"version": "3.10.8S"
},
{
"status": "affected",
"version": "3.10.8aS"
},
{
"status": "affected",
"version": "3.10.9S"
},
{
"status": "affected",
"version": "3.10.10S"
},
{
"status": "affected",
"version": "3.11.1S"
},
{
"status": "affected",
"version": "3.11.2S"
},
{
"status": "affected",
"version": "3.11.0S"
},
{
"status": "affected",
"version": "3.11.3S"
},
{
"status": "affected",
"version": "3.11.4S"
},
{
"status": "affected",
"version": "3.12.0S"
},
{
"status": "affected",
"version": "3.12.1S"
},
{
"status": "affected",
"version": "3.12.2S"
},
{
"status": "affected",
"version": "3.12.3S"
},
{
"status": "affected",
"version": "3.12.0aS"
},
{
"status": "affected",
"version": "3.12.4S"
},
{
"status": "affected",
"version": "3.13.0S"
},
{
"status": "affected",
"version": "3.13.1S"
},
{
"status": "affected",
"version": "3.13.2S"
},
{
"status": "affected",
"version": "3.13.3S"
},
{
"status": "affected",
"version": "3.13.4S"
},
{
"status": "affected",
"version": "3.13.5S"
},
{
"status": "affected",
"version": "3.13.2aS"
},
{
"status": "affected",
"version": "3.13.0aS"
},
{
"status": "affected",
"version": "3.13.5aS"
},
{
"status": "affected",
"version": "3.13.6S"
},
{
"status": "affected",
"version": "3.13.7S"
},
{
"status": "affected",
"version": "3.13.6aS"
},
{
"status": "affected",
"version": "3.13.6bS"
},
{
"status": "affected",
"version": "3.13.7aS"
},
{
"status": "affected",
"version": "3.13.8S"
},
{
"status": "affected",
"version": "3.13.9S"
},
{
"status": "affected",
"version": "3.13.10S"
},
{
"status": "affected",
"version": "3.14.0S"
},
{
"status": "affected",
"version": "3.14.1S"
},
{
"status": "affected",
"version": "3.14.2S"
},
{
"status": "affected",
"version": "3.14.3S"
},
{
"status": "affected",
"version": "3.14.4S"
},
{
"status": "affected",
"version": "3.15.0S"
},
{
"status": "affected",
"version": "3.15.1S"
},
{
"status": "affected",
"version": "3.15.2S"
},
{
"status": "affected",
"version": "3.15.1cS"
},
{
"status": "affected",
"version": "3.15.3S"
},
{
"status": "affected",
"version": "3.15.4S"
},
{
"status": "affected",
"version": "3.16.0S"
},
{
"status": "affected",
"version": "3.16.1S"
},
{
"status": "affected",
"version": "3.16.0aS"
},
{
"status": "affected",
"version": "3.16.1aS"
},
{
"status": "affected",
"version": "3.16.2S"
},
{
"status": "affected",
"version": "3.16.2aS"
},
{
"status": "affected",
"version": "3.16.0bS"
},
{
"status": "affected",
"version": "3.16.0cS"
},
{
"status": "affected",
"version": "3.16.3S"
},
{
"status": "affected",
"version": "3.16.2bS"
},
{
"status": "affected",
"version": "3.16.3aS"
},
{
"status": "affected",
"version": "3.16.4S"
},
{
"status": "affected",
"version": "3.16.4aS"
},
{
"status": "affected",
"version": "3.16.4bS"
},
{
"status": "affected",
"version": "3.16.4gS"
},
{
"status": "affected",
"version": "3.16.5S"
},
{
"status": "affected",
"version": "3.16.4cS"
},
{
"status": "affected",
"version": "3.16.4dS"
},
{
"status": "affected",
"version": "3.16.4eS"
},
{
"status": "affected",
"version": "3.16.6S"
},
{
"status": "affected",
"version": "3.16.5aS"
},
{
"status": "affected",
"version": "3.16.5bS"
},
{
"status": "affected",
"version": "3.16.7S"
},
{
"status": "affected",
"version": "3.16.6bS"
},
{
"status": "affected",
"version": "3.16.7aS"
},
{
"status": "affected",
"version": "3.16.7bS"
},
{
"status": "affected",
"version": "3.16.8S"
},
{
"status": "affected",
"version": "3.17.0S"
},
{
"status": "affected",
"version": "3.17.1S"
},
{
"status": "affected",
"version": "3.17.2S"
},
{
"status": "affected",
"version": "3.17.1aS"
},
{
"status": "affected",
"version": "3.17.3S"
},
{
"status": "affected",
"version": "3.17.4S"
},
{
"status": "affected",
"version": "16.1.1"
},
{
"status": "affected",
"version": "16.1.2"
},
{
"status": "affected",
"version": "16.1.3"
},
{
"status": "affected",
"version": "16.2.1"
},
{
"status": "affected",
"version": "16.2.2"
},
{
"status": "affected",
"version": "16.3.1"
},
{
"status": "affected",
"version": "16.3.2"
},
{
"status": "affected",
"version": "16.3.3"
},
{
"status": "affected",
"version": "16.3.1a"
},
{
"status": "affected",
"version": "16.3.4"
},
{
"status": "affected",
"version": "16.3.5"
},
{
"status": "affected",
"version": "16.3.5b"
},
{
"status": "affected",
"version": "16.3.6"
},
{
"status": "affected",
"version": "16.3.7"
},
{
"status": "affected",
"version": "16.4.1"
},
{
"status": "affected",
"version": "16.4.2"
},
{
"status": "affected",
"version": "16.4.3"
},
{
"status": "affected",
"version": "16.5.1"
},
{
"status": "affected",
"version": "16.5.1a"
},
{
"status": "affected",
"version": "16.5.1b"
},
{
"status": "affected",
"version": "16.5.2"
},
{
"status": "affected",
"version": "16.5.3"
},
{
"status": "affected",
"version": "3.18.0aS"
},
{
"status": "affected",
"version": "3.18.0S"
},
{
"status": "affected",
"version": "3.18.1S"
},
{
"status": "affected",
"version": "3.18.2S"
},
{
"status": "affected",
"version": "3.18.3S"
},
{
"status": "affected",
"version": "3.18.4S"
},
{
"status": "affected",
"version": "3.18.0SP"
},
{
"status": "affected",
"version": "3.18.1SP"
},
{
"status": "affected",
"version": "3.18.1aSP"
},
{
"status": "affected",
"version": "3.18.1gSP"
},
{
"status": "affected",
"version": "3.18.1bSP"
},
{
"status": "affected",
"version": "3.18.1cSP"
},
{
"status": "affected",
"version": "3.18.2SP"
},
{
"status": "affected",
"version": "3.18.1hSP"
},
{
"status": "affected",
"version": "3.18.2aSP"
},
{
"status": "affected",
"version": "3.18.1iSP"
},
{
"status": "affected",
"version": "3.18.3SP"
},
{
"status": "affected",
"version": "3.18.4SP"
},
{
"status": "affected",
"version": "3.18.3aSP"
},
{
"status": "affected",
"version": "3.18.3bSP"
},
{
"status": "affected",
"version": "3.18.5SP"
},
{
"status": "affected",
"version": "16.6.1"
},
{
"status": "affected",
"version": "16.6.2"
},
{
"status": "affected",
"version": "16.6.3"
},
{
"status": "affected",
"version": "16.6.4"
},
{
"status": "affected",
"version": "16.6.4s"
},
{
"status": "affected",
"version": "16.6.4a"
},
{
"status": "affected",
"version": "16.7.1"
},
{
"status": "affected",
"version": "16.7.1a"
},
{
"status": "affected",
"version": "16.7.1b"
},
{
"status": "affected",
"version": "16.7.2"
},
{
"status": "affected",
"version": "16.8.1"
},
{
"status": "affected",
"version": "16.8.1a"
},
{
"status": "affected",
"version": "16.8.1b"
},
{
"status": "affected",
"version": "16.8.1s"
},
{
"status": "affected",
"version": "16.8.1c"
},
{
"status": "affected",
"version": "16.8.1d"
},
{
"status": "affected",
"version": "16.8.2"
},
{
"status": "affected",
"version": "16.8.1e"
},
{
"status": "affected",
"version": "16.9.1"
},
{
"status": "affected",
"version": "16.9.2"
},
{
"status": "affected",
"version": "16.9.1a"
},
{
"status": "affected",
"version": "16.9.1b"
},
{
"status": "affected",
"version": "16.9.1s"
},
{
"status": "affected",
"version": "16.9.1c"
},
{
"status": "affected",
"version": "16.9.1d"
},
{
"status": "affected",
"version": "16.9.2a"
}
]
}
]