Vulnerabilities > Cisco > IOS XR > 7.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-09 | CVE-2021-34708 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. | 6.7 |
| 2021-09-09 | CVE-2021-34709 | Improper Verification of Cryptographic Signature vulnerability in Cisco IOS XR Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. | 6.4 |
| 2021-09-09 | CVE-2021-34718 | Argument Injection or Modification vulnerability in Cisco IOS XR A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. | 8.1 |
| 2021-09-09 | CVE-2021-34719 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. | 7.8 |
| 2021-09-09 | CVE-2021-34721 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. | 6.7 |
| 2021-09-09 | CVE-2021-34722 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. | 6.7 |
| 2021-09-09 | CVE-2021-34728 | OS Command Injection vulnerability in Cisco IOS XR Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. | 7.8 |
| 2021-09-09 | CVE-2021-34737 | NULL Pointer Dereference vulnerability in Cisco IOS XR A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition. | 7.5 |
| 2021-09-09 | CVE-2021-34771 | Information Exposure vulnerability in Cisco IOS XR A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their privileges allow. | 5.5 |
| 2021-02-04 | CVE-2021-1268 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management interface network of an affected device. low complexity cisco | 6.5 |