Vulnerabilities > CVE-2022-20821 - Unspecified vulnerability in Cisco IOS XR

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

cisco

NVD

Published: 2022-05-26

Updated: 2024-07-02

Summary

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database. Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco IOS XR Software host system.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS XR -	1
Hardware	Cisco Cisco 8201 - Cisco 8202 - Cisco 8208 - Cisco 8212 - Cisco 8218 - Cisco NCS 55A1 24H - Cisco NCS 55A1 24Q6H S - Cisco NCS 55A1 36H S - Cisco NCS 55A1 36H SE - Cisco NCS 55A1 36H SE S - Cisco NCS 55A2 MOD HD S - Cisco NCS 55A2 MOD HX S - Cisco NCS 55A2 MOD S - Cisco NCS 55A2 MOD SE H S - Cisco NCS 55A2 MOD SE S - Cisco NCS 1001 - Cisco NCS 1002 - Cisco NCS 1004 - Cisco NCS 5001 - Cisco NCS 5002 - Cisco NCS 5501 SE - Cisco NCS 5502 SE - Cisco NCS 5504 - Cisco NCS 5508 - Cisco NCS 5516 - Cisco NCS 55A1 - Cisco NCS 55A2 -	27

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-redis-ABJyE5xK