Vulnerabilities > Cisco > IOS XR > 6.7.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-04 | CVE-2021-1370 | Unspecified vulnerability in Cisco IOS XR A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. | 7.8 |
| 2021-02-04 | CVE-2021-1244 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. | 6.7 |
| 2021-02-04 | CVE-2021-1136 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. | 6.7 |
| 2021-02-04 | CVE-2021-1128 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. | 5.5 |
| 2020-11-06 | CVE-2020-3284 | Unspecified vulnerability in Cisco products A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. | 9.8 |
| 2020-09-04 | CVE-2020-3530 | Incorrect Authorization vulnerability in Cisco IOS XR A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. | 8.4 |
| 2020-09-04 | CVE-2020-3473 | Incorrect Authorization vulnerability in Cisco IOS XR A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. | 7.8 |
| 2020-08-17 | CVE-2020-3449 | Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XR A vulnerability in the Border Gateway Protocol (BGP) additional paths feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent authorized users from monitoring the BGP status and cause the BGP process to stop processing new updates, resulting in a denial of service (DOS) condition. | 4.3 |