CVE-2024-20483
- EPSS 1.1%
- Veröffentlicht 11.09.2024 17:15:13
- Zuletzt bearbeitet 03.10.2024 01:44:17
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported by Cisco IOS XR Software, could allow an authenticated, remote attacker with Administrator-level privileges on the PON Ma...
CVE-2024-20489
- EPSS 0.14%
- Veröffentlicht 11.09.2024 17:15:13
- Zuletzt bearbeitet 03.10.2024 01:40:11
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted dat...
CVE-2024-20317
- EPSS 0.24%
- Veröffentlicht 11.09.2024 17:15:12
- Zuletzt bearbeitet 03.10.2024 17:58:40
A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resu...
CVE-2024-20343
- EPSS 0.14%
- Veröffentlicht 11.09.2024 17:15:12
- Zuletzt bearbeitet 07.10.2024 17:42:40
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vu...
CVE-2024-20381
- EPSS 0.58%
- Veröffentlicht 11.09.2024 17:15:12
- Zuletzt bearbeitet 08.10.2024 21:43:28
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an...
CVE-2024-20390
- EPSS 0.44%
- Veröffentlicht 11.09.2024 17:15:12
- Zuletzt bearbeitet 07.10.2024 17:51:37
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751. This vulnerability is due to a lack of proper error valida...
CVE-2024-20398
- EPSS 0.21%
- Veröffentlicht 11.09.2024 17:15:12
- Zuletzt bearbeitet 03.10.2024 01:47:52
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation...
CVE-2024-20304
- EPSS 0.6%
- Veröffentlicht 11.09.2024 17:15:11
- Zuletzt bearbeitet 03.10.2024 14:20:07
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 ...
CVE-2024-20456
- EPSS 0.19%
- Veröffentlicht 10.07.2024 16:15:03
- Zuletzt bearbeitet 04.08.2025 17:44:16
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfu...
CVE-2024-20319
- EPSS 0.25%
- Veröffentlicht 13.03.2024 17:15:48
- Zuletzt bearbeitet 07.07.2025 15:49:35
A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affecte...