cve-2025-20177
Vulnerability from cvelistv5
Published
2025-03-12 16:13
Modified
2025-03-14 15:31
Severity ?
EPSS score ?
Summary
Cisco IOS XR Software Image Verification Bypass Vulnerability
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Cisco | Cisco IOS XR Software |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-13T03:55:23.530580Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T15:31:19.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco IOS XR Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.0.90"
},
{
"status": "affected",
"version": "6.7.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.1.15"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "6.7.2"
},
{
"status": "affected",
"version": "7.0.11"
},
{
"status": "affected",
"version": "7.0.12"
},
{
"status": "affected",
"version": "7.0.14"
},
{
"status": "affected",
"version": "7.1.25"
},
{
"status": "affected",
"version": "7.2.12"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "6.7.3"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "6.7.4"
},
{
"status": "affected",
"version": "7.3.15"
},
{
"status": "affected",
"version": "7.3.16"
},
{
"status": "affected",
"version": "6.8.1"
},
{
"status": "affected",
"version": "7.4.15"
},
{
"status": "affected",
"version": "7.3.2"
},
{
"status": "affected",
"version": "7.5.1"
},
{
"status": "affected",
"version": "7.4.16"
},
{
"status": "affected",
"version": "7.3.27"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.5.2"
},
{
"status": "affected",
"version": "7.8.1"
},
{
"status": "affected",
"version": "7.6.15"
},
{
"status": "affected",
"version": "7.5.12"
},
{
"status": "affected",
"version": "7.3.3"
},
{
"status": "affected",
"version": "7.7.1"
},
{
"status": "affected",
"version": "6.8.2"
},
{
"status": "affected",
"version": "7.3.4"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "6.7.35"
},
{
"status": "affected",
"version": "6.9.1"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.5.3"
},
{
"status": "affected",
"version": "7.7.2"
},
{
"status": "affected",
"version": "6.9.2"
},
{
"status": "affected",
"version": "7.9.1"
},
{
"status": "affected",
"version": "7.10.1"
},
{
"status": "affected",
"version": "7.8.2"
},
{
"status": "affected",
"version": "7.5.4"
},
{
"status": "affected",
"version": "7.8.22"
},
{
"status": "affected",
"version": "7.7.21"
},
{
"status": "affected",
"version": "7.9.2"
},
{
"status": "affected",
"version": "7.3.5"
},
{
"status": "affected",
"version": "7.5.5"
},
{
"status": "affected",
"version": "7.11.1"
},
{
"status": "affected",
"version": "7.9.21"
},
{
"status": "affected",
"version": "7.10.2"
},
{
"status": "affected",
"version": "24.1.1"
},
{
"status": "affected",
"version": "7.6.3"
},
{
"status": "affected",
"version": "7.3.6"
},
{
"status": "affected",
"version": "7.11.2"
},
{
"status": "affected",
"version": "24.2.1"
},
{
"status": "affected",
"version": "24.1.2"
},
{
"status": "affected",
"version": "24.2.11"
},
{
"status": "affected",
"version": "24.3.1"
},
{
"status": "affected",
"version": "7.8.23"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device.\r\n\r\nThis vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass some of the integrity checks that are performed during the boot process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.\r\nNote: Because exploitation of this vulnerability could result in the attacker bypassing Cisco image verification, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T16:13:04.362Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ios-xr-verii-bypass-HhPwQRvx",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx"
},
{
"name": "Crafting endless AS-PATHS in BGP",
"url": "https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/"
}
],
"source": {
"advisory": "cisco-sa-ios-xr-verii-bypass-HhPwQRvx",
"defects": [
"CSCwk67262"
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XR Software Image Verification Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20177",
"datePublished": "2025-03-12T16:13:04.362Z",
"dateReserved": "2024-10-10T19:15:13.220Z",
"dateUpdated": "2025-03-14T15:31:19.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-20177\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-03-12T16:15:22.347\",\"lastModified\":\"2025-08-06T17:04:34.603\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device.\\r\\n\\r\\nThis vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass some of the integrity checks that are performed during the boot process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.\\r\\nNote: Because exploitation of this vulnerability could result in the attacker bypassing Cisco image verification, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el proceso de arranque del software Cisco IOS XR podr\u00eda permitir que un atacante local autenticado omita la verificaci\u00f3n de la firma de la imagen de Cisco IOS XR e instale software no verificado en un dispositivo afectado. Para explotar esta vulnerabilidad, el atacante debe tener privilegios de administrador en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incompleta de los archivos durante el proceso de verificaci\u00f3n de arranque. Un atacante podr\u00eda explotarla manipulando las opciones de configuraci\u00f3n del sistema para omitir algunas de las comprobaciones de integridad que se realizan durante el proceso de arranque. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante controlar la configuraci\u00f3n de arranque, lo que podr\u00eda permitirle omitir el requisito de ejecutar im\u00e1genes firmadas por Cisco o alterar las propiedades de seguridad del sistema en ejecuci\u00f3n. Nota: Dado que la explotaci\u00f3n de esta vulnerabilidad podr\u00eda provocar que el atacante omita la verificaci\u00f3n de la imagen de Cisco, Cisco ha elevado la calificaci\u00f3n de impacto de seguridad (SIR) de este aviso de media a alta.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-274\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.11.21\",\"matchCriteriaId\":\"8EC4CBFD-BFB8-4D89-B5F7-3CBD156778A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"24.2\",\"versionEndExcluding\":\"24.2.2\",\"matchCriteriaId\":\"DCAF5A0C-D731-4BE1-AAD8-88ADDB8A65DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"24.3\",\"versionEndExcluding\":\"24.3.2\",\"matchCriteriaId\":\"5C9D6AD9-652C-491A-9B61-04691D82BBBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xr:24.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FCE9AC2-F70A-4B54-8B1C-8F28E4FB32D3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8011-4g24y4h-i:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C422517-1BC8-4BCE-97E8-A2C165C7BB64\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E055F58F-F9FB-4B27-841E-61ECAB5F42B8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8101-32fh-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"437EBDAF-0633-409C-9EA4-DAD099D553B6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8101-32h-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8153C555-9AF4-4793-8F27-B01F1B3D76B9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8102-28fh-dpu-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0229018-3C4A-4174-B50F-F352FB1CCF9A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C3DDAC-7D0F-4D1D-9632-F001F2EB5D34\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8102-64h-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B14EC7C-4916-49C8-B919-E0149A4C44BF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8111-32eh-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E0443E9-9309-4503-9D21-ED5359F87E71\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8122-64eh-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9911F911-E322-4B0F-B31A-8FDA80D7AE5B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8122-64ehf-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FA5968D-7167-4D7D-A055-6F3C8023B496\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D8E7FFF-82A8-4ECB-BA0C-CBF0C2FDA3A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8201-24h8fh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A554611-6B1B-482E-AF77-CD032EA7A978\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528BE0D3-E5ED-4836-B0D8-0C8508C5BDD7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8201-32fh-o:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"321767C3-BEBB-4A70-A4BF-4EED7E6669D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87DC4C2F-01C5-4D89-8D79-E5D28EDAD0F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8202-32fh-m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17EF50F5-0A9F-4649-BEBB-1F181E27C5B7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8212-48fh-m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59AB5F5A-2346-4F4B-A6ED-1884C5BE9353\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8404:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"540DCD6A-722D-4173-8046-885FEFA23A14\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8501-sys-mt:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18A5A74F-458A-4D51-B487-949E637E58AD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8608:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58B8D161-2D5E-4BD8-9518-B2FAB73ADEEE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"115B1C4A-A508-4F22-8E15-545AB4301017\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8711-32fh-m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4DF4211-FC4B-4A4A-9154-D64F0B84EEA3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8712-mod-m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3432E52B-6914-4DF2-8D7C-C19A435BF542\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6655851F-58D9-49D9-A56E-8440A7F7BB45\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5E2AE67-DED3-4414-A194-386ADB2C8DC7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3920133A-684D-4A9F-B65A-FF4EAE5052E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ED06361-5A68-4656-AEA5-240C290594CD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_1010:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97D1123D-39F9-4D22-99CE-F28CA57FE191\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_1014:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2E3F337-0CF5-456E-B313-DC3ED4BF9D9B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5494B4B-0BB4-48AE-8B0D-04DE649F9313\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3A0C835-6C98-4AB6-89FF-C27117BB6B12\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-24q2c2dd-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24550EBB-6FEE-4916-B58A-5FD8E45E962B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-24q8l2dd-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAD71DBE-AE18-49FA-826E-52D87A73F496\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"395F25CD-FDF5-48D7-A048-A6B4F4779EC9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E926BBC-F5C5-4D02-8A62-F1A5DE3C54DA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFB1323A-C472-4EA1-A969-1D1C10AB0CE8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-6z14s-sys-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A64FB4E3-4393-4A89-B6FB-E990D33427C5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-6z18g-sys-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2E585D1-F2E7-4CBE-ACA2-6552ACDF492A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-6z18g-sys-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44BB03A0-9152-444B-B5CD-70F4CBD53D03\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-acc-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"124CE49C-1C2B-40A5-8F59-7A223766E12F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-fh-agg:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D7DFE35-76BA-4BAE-9C4B-0625DAE573B0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540-fh-csr-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1645EAA7-0847-4418-BA9B-FA8E36B59626\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A83F3D33-0674-4F74-AEA9-BC824D8536F5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"784A450D-8DCA-43E5-8044-A9F2363FB006\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"92E88ED4-C2AF-407C-A395-3D7806D68758\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DA11E43-F821-45F6-A2DB-E1EBC8BDE68B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-16z8q2c-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A93F10D9-CF79-4DF2-964C-D423D1C1D993\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-4z14g2q-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52A23CF-2D33-46CD-9784-D54826F63C71\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-4z14g2q-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB9BD2FE-BADB-489F-B832-2EF53F8679E6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-6z18g-sys-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42610AAA-9830-44C3-8D1D-2433FCA0541B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-6z18g-sys-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31CE816F-858C-421A-99D1-FCD4BB5FAD47\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-8z16g-sys-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C4A522F-560C-438D-AB68-BF0175C06F78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-8z16g-sys-d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A405E23C-24BC-42C8-99DB-D8E5EFD98261\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_540x-acc-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"871D84C5-71EE-4B82-A48C-A1CC68DA332A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13EEDD1C-25BC-4AFA-AF60-66DE36927528\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CD3B06B-864E-4A35-B0C3-1654390022D2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD1B4F37-5AAA-4F40-8865-226289CB5CEB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57c3-mod-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"355F78C3-C07F-48C3-9B6E-55714EAA7331\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:ncs_57d2-18dd-sys:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"976AC38F-5873-41ED-82B6-31C22FCC6BEE\"}]}]}],\"references\":[{\"url\":\"https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Product\"]},{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.