QID 316697
Date Published: 2023-09-25
QID 316697: Cisco Internetwork Operating System (IOS) XR Software Authenticated User Privilege Escalation Vulnerability (cisco-sa-iosxr-LJtNFjeN)
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device.
Affected Products:
Cisco products if that are running a release of Cisco IOS XR Software Release 5.0.0 or later that is earlier than the first fixed release:
8000 Series Routers
IOS XRv 9000 Router
IOS XR, SW only
Network Convergence System 540 Routers
Network Convergence System 560 Routers
Network Convergence System 4000 Series
Network Convergence System 5500 Series
Network Convergence System 6000 Series Routers
QID Detection Logic (Authenticated):
The check matches Cisco IOS XR version retrieved via Unix Auth using "show version" command.
Note: This QID does not checks for the workaround and SMU for Network Convergence System 4000 Series. Hence set as a practice
A successful exploit could allow the attacker to elevate privileges and perform actions on the device without authorization checks.
Customers are advised to refer to cisco-sa-iosxr-LJtNFjeN for more information.Workaround:
Workarounds exist only for devices that have TACACS+ authentication, authorization, and
accounting (AAA) command authorization configured. Administrators can use this feature to permit
access to only the commands that nonadministrative users require and
deny access to all other commands.
- cisco-sa-iosxr-LJtNFjeN -
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-LJtNFjeN
CVEs related to QID 316697
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-iosxr-LJtNFjeN |
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-LJtNFjeN |