Detections
Analytics

Cisco IOS XR Software Authenticated CLI SCP/SFTP DoS (cisco-sa-iosxr-scp-dos-kb6sUUHw)

medium Nessus Plugin ID 192108

Language:

Synopsis

The remote device is missing a vendor-supplied security patch

Description

According to its self-reported version, Cisco IOS XR is affected by a vulnerability.

 - A vulnerability in the Secure Copy Protocol (SCP) and SFTP feature of Cisco IOS XR Software could allow an authenticated, local attacker to create or overwrite files in a system directory, which could lead to a denial of service (DoS) condition. The attacker would require valid user credentials to perform this attack. This vulnerability is due to a lack of proper validation of SCP and SFTP CLI input parameters. An attacker could exploit this vulnerability by authenticating to the device and issuing SCP or SFTP CLI commands with specific parameters. A successful exploit could allow the attacker to impact the functionality of the device, which could lead to a DoS condition. The device may need to be manually rebooted to recover. Note: This vulnerability is exploitable only when a local user invokes SCP or SFTP commands at the Cisco IOS XR CLI. A local user with administrative privileges could exploit this vulnerability remotely. (CVE-2024-20262)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwf11720

See Also

http://www.nessus.org/u?8466eda9

http://www.nessus.org/u?3206828a

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwf11720

Plugin Details

Severity: Medium

ID: 192108

File Name: cisco-sa-iosxr-scp-dos-kb6sUUHw-iosxr.nasl

Version: 1.1

Type: combined

Family: CISCO

Published: 3/14/2024

Updated: 3/15/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2024-20262

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios_xr

Required KB Items: Host/Cisco/IOS-XR/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/13/2024

Vulnerability Publication Date: 3/13/2024

Reference Information

CVE: CVE-2024-20262

CWE: 269

CISCO-SA: cisco-sa-iosxr-scp-dos-kb6sUUHw

IAVA: 2024-A-0169

CISCO-BUG-ID: CSCwf11720