Posts for: #Cisco IOS XR Software

Cisco IOS XR ARP Broadcast Storm Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.4 Security Advisory

TL;DR 📌

A denial of service (DoS) vulnerability has been identified in the ARP implementation of Cisco IOS XR Software. An unauthenticated, adjacent attacker can exploit this vulnerability by sending excessive ARP traffic to the management interface, potentially leading to degraded performance or complete unresponsiveness of the device. Cisco has released software updates to address this issue, but no workarounds are available.


Cisco IOS XR Software Image Verification Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.0 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco IOS XR Software that allows an authenticated local attacker to bypass image signature verification, potentially leading to the installation of unsigned software. No workarounds are available, and users are advised to update to fixed software versions.

What happened 🕵️‍♂️

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker with root-system privileges to bypass the software image signature verification. This flaw arises from incomplete validation of files during the installation of an .iso file. An attacker could exploit this by modifying the .iso image and installing it on the device, leading to the activation of unsigned software.


Cisco IOS XR Software Management Interface ACL Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability in Cisco IOS XR Software allows unauthenticated remote attackers to bypass access control lists (ACLs) on the management interface for SSH, NetConf, and gRPC features. Users are advised to upgrade to fixed software releases or implement workarounds.

What happened 🕵️‍♂️

A vulnerability was identified in the management interface ACL processing feature of Cisco IOS XR Software. This flaw allows unauthenticated remote attackers to bypass configured ACLs, potentially leading to unauthorized access to management features like SSH, NetConf, and gRPC. The issue arises because management interface ACLs are not enforced on certain Linux-handled features within the Packet I/O infrastructure.
