Vulnerability Description
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ios Xr | < 7.3.2 |
| Cisco | Asr 9000V-V2 | - |
| Cisco | Asr 9001 | - |
| Cisco | Asr 9006 | - |
| Cisco | Asr 9010 | - |
| Cisco | Asr 9901 | - |
| Cisco | Asr 9902 | - |
| Cisco | Asr 9903 | - |
| Cisco | Asr 9904 | - |
| Cisco | Asr 9906 | - |
| Cisco | Asr 9910 | - |
| Cisco | Asr 9912 | - |
| Cisco | Asr 9922 | - |
| Cisco | Ios Xrv | - |
| Cisco | Ios Xrv 9000 | - |
| Cisco | Ncs 520 | - |
| Cisco | Ncs 540 | - |
| Cisco | Ncs 540 Fronthaul | - |
| Cisco | Ncs 560-4 | - |
| Cisco | Ncs 560-7 | - |
Related Weaknesses (CWE)
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iVendor Advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iVendor Advisory
FAQ
What is CVE-2021-34719?
CVE-2021-34719 is a vulnerability with a CVSS score of 7.8 (HIGH). Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more informatio...
How severe is CVE-2021-34719?
CVE-2021-34719 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-34719?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios Xr, Cisco Asr 9000V-V2, Cisco Asr 9001, Cisco Asr 9006, Cisco Asr 9010.