=====================================================================

                                CERT-Renater

                      Information Note No. 2023/VULN320

_____________________________________________________________________

DATE                : 14/09/2023

HARDWARE PLATFORM(S): Cisco.

OPERATING SYSTEM(S): Cisco IOS XR Software versions prior to 7.10.1,
                         7.3.5, 7.5.4, 7.6.3, 7.7.21, 7.8.2, 7.9.2.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-L9zOkBz5
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnx-acl-PyzDkeYF
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-cfm-3pWN8MKt
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-info-GXp7nVcP
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco PSIRT 
on 2023-September-13.

The following PSIRT security advisories (5 Medium, 1 Informational) were 
published at 16:00 UTC today.

Table of Contents:

1) Cisco IOS XR Software iPXE Boot Signature Bypass Vulnerability - SIR: 
Medium

2) Cisco IOS XR Software Compression ACL Bypass Vulnerability - SIR: Medium

3) Cisco IOS XR Software Image Verification Vulnerability - SIR: Medium

4) Cisco IOS XR Software Access Control List Bypass Vulnerability - SIR: 
Medium

5) Cisco IOS XR Software Connectivity Fault Management Denial of Service 
Vulnerability - SIR: Medium

6) Cisco IOS XR Software Model-Driven Programmability Behavior with AAA 
Authorization - SIR: Informational

+--------------------------------------------------------------------

1) Cisco IOS XR Software iPXE Boot Signature Bypass Vulnerability

CVE-2023-20236

SIR: Medium

CVSS Score v(3.1): 6.7

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB 

+--------------------------------------------------------------------

2) Cisco IOS XR Software Compression ACL Bypass Vulnerability

CVE-2023-20190

SIR: Medium

CVSS Score v(3.1): 5.8

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3

+--------------------------------------------------------------------

3) Cisco IOS XR Software Image Verification Vulnerability

CVE-2023-20135

SIR: Medium

CVSS Score v(3.1): 5.7

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-L9zOkBz5 

+--------------------------------------------------------------------

4) Cisco IOS XR Software Access Control List Bypass Vulnerability

CVE-2023-20191

SIR: Medium

CVSS Score v(3.1): 5.8

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnx-acl-PyzDkeYF 

+--------------------------------------------------------------------

5) Cisco IOS XR Software Connectivity Fault Management Denial of Service 
Vulnerability

CVE-2023-20233

SIR: Medium

CVSS Score v(3.1): 4.3

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-cfm-3pWN8MKt 

+--------------------------------------------------------------------

6) Cisco IOS XR Software Model-Driven Programmability Behavior with AAA 
Authorization

SIR: Informational

URL: 
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-info-GXp7nVcP 


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
