Skip to main content

Cisco IOS XR Security Restriction Bypass Vulnerability

Release Date: 23 May 2022 5065 Views

RISK: High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability was identified in Cisco IOS XR. An attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.

 

Note:
CVE-2022-20821 is being exploited in the wild.

The vulnerability is related to the Cisco IOS XR health check RPM opens TCP port 6379 by default. The vulnerability can exploit the opening port that allows unauthorized access to the Redis instance running within the NOSi container.


Impact

  • Security Restriction Bypass

System / Technologies affected

  • Cisco IOS XR Version 7.3.3

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 


Vulnerability Identifier


Source


Related Link