CVE-2021-1398 (GCVE-0-2021-1398)
Vulnerability from cvelistv5
Published
2021-03-24 20:07
Modified
2024-11-08 23:33
Severity ?
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
Summary
A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device.
References
Impacted products
Vendor Product Version
Cisco Cisco IOS XE Software Version: n/a
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:17.059Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210324 Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1398",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:19:41.950697Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:33:24.738Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco IOS XE Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-489",
              "description": "CWE-489",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-24T20:07:09",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210324 Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe"
        }
      ],
      "source": {
        "advisory": "cisco-sa-XE-ACE-75K3bRWe",
        "defect": [
          [
            "CSCvu61463"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-03-24T16:00:00",
          "ID": "CVE-2021-1398",
          "STATE": "PUBLIC",
          "TITLE": "Cisco IOS XE Software Arbitrary Code Execution Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco IOS XE Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.8",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-489"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210324 Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-XE-ACE-75K3bRWe",
          "defect": [
            [
              "CSCvu61463"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1398",
    "datePublished": "2021-03-24T20:07:09.496032Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:33:24.738Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-1398\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2021-03-24T20:15:14.213\",\"lastModified\":\"2024-11-21T05:44:15.817\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la l\u00f3gica de arranque del Software Cisco IOS XE, podr\u00eda permitir a un atacante local autenticado con privilegios de nivel 15 o un atacante no autenticado con acceso f\u00edsico ejecutar c\u00f3digo arbitrario en el sistema operativo Linux subyacente de un dispositivo afectado.\u0026#xa0;Esta vulnerabilidad es debido a comprobaciones incorrectas de argumentos de funciones espec\u00edficas que se pasan al script de arranque.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al manipular un archivo espec\u00edfico, que un dispositivo afectado procesar\u00eda durante el proceso de arranque inicial.\u0026#xa0;En los sistemas que est\u00e1n protegidos por la funci\u00f3n de arranque seguro de la Unified Extensible Firmware Interface (UEFI), Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo sin firmar en el momento del arranque y omitir la comprobaci\u00f3n de la imagen en el proceso de arranque seguro del dispositivo afectado\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ykramarz@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-489\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.0bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87687169-312C-41E6-9557-B2536A4CCA01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E979597C-E614-45E9-9AC4-66DE323221BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.0xas:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52E7F768-0ABD-486E-810E-7C444951F061\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.0xbs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D46F3A2-C0C2-4083-B32F-B94DA4FD213E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.1as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"312FDFDD-7612-4E79-A12E-7B1540324696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55E908D0-7327-42B7-81C0-FA25BF45929C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5420E152-A00C-406C-8E27-6B7ADE4ABF5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.2ts:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8A56292-386C-4FC8-BC54-EF9E465F891B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036DAA45-B363-47BB-ADBA-992F381572EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.4as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86176257-7075-476E-BE09-B0E469392BD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCB1EA1E-D995-4732-9685-75AC9042D484\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.5s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EA68978-C42E-4A5E-A0D6-7887FA0318B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.6s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FF06D7B-A239-4046-A704-01C54D534F35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.7s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4622910B-5459-4FA4-A8D0-239AF2EFFE06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.7.8s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F719709E-ACE9-4539-BA05-72F7DCB8BFBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.8.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2835C64E-808F-4A6C-B245-7A9996FAFE3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.8.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E1040AF-A087-4791-BFC3-36CA3F3208E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.8.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F95B900-12A3-4488-BB50-20C972BEE169\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.9.0as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC3B6D68-DA31-45EB-ACFD-AE703B2FA2D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.9.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94227B25-5C86-453C-9DC8-A8201C1D1FEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.9.0xas:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4293A90D-1FCA-456D-9D70-F5650B80B462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.9.1as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6352A220-8F3E-4E08-8DD3-50E366434333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.9.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F278DC-5102-4A18-9C72-E8FEEDCC5729\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.9.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"513675B5-D62C-442D-8754-DC4F221942B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9D9F45C-E71F-4425-A0C7-DFFEEC93C152\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26FB3B1A-FB8C-4371-A6D2-AB83ECF17F96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.1xbs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48B351B3-3A18-4068-A95D-68942955070E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.1xcs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"007C8D80-2A6B-4C53-8A6B-0C95BCF1CA89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.2as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D12F65A-5B43-4612-8788-B697567C0B15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A005E0C-A744-4AFA-A1D1-2E3228E093FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.2ts:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DED25B1B-C47A-45E9-8235-081550FB0AD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B7EC67-B431-4284-8781-9090D134B781\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3598539F-0EEB-45D6-8BA5-A2A3F69D556C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.5s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CF349D4-BF1C-4127-B6FA-7AD379F62A3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.6s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6ABE123-BBA5-46CD-8578-4A1F3CB8BA08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.7s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD674BF9-16F6-4817-9ADE-564A402A5F06\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.8as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A4142E2-B8A8-4E78-B4ED-52F63C43C6F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.8s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7DA3731-E719-4DB7-9783-1C00481141EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.9s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"483A3F03-F5CC-45BD-AEB7-83E23601BB22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.10.10s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1692889D-BD16-41C6-A226-A9BAF6F64603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.11.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DAC081C-9A22-4CBC-A9D0-DD9995801791\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.11.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F43F819E-3072-430F-8C52-B43FF28D4687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.11.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C80F59A9-C1EF-4E9B-B204-1EEC7FDF65BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.11.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09A930B7-7B9B-426E-A296-9F29F4A03F5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.11.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"309952D7-B220-4678-A16D-AA5FF005F782\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.12.0as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60C5FC5B-BE2E-4BAC-AC23-58666BDEB553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.12.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"503EFE9E-C238-46BA-8CA3-DE8D5DDB9A2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.12.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6EC8B17-6EC2-47AF-818D-1DFBDA612FB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.12.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"278ACF0A-949B-486D-8F6C-ADC2AF25FC17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.12.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37A30BA4-D760-4321-AAC8-04093AAAEA3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.12.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42616EA2-DDCF-4B57-BF2A-37968C82DDC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.0as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"246251E8-7D4E-4CD4-8D4F-BF360780FA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09F35F75-75E8-4A20-94C4-5908E404C8CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C01C1D8-A191-45B7-A6C5-EE225F05A49E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.2as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16D7ACF1-6A30-4D6E-AA69-D2F365E2791C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E50FF89-8E71-4EA0-9AEC-2F800ED9D995\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F6E9386-30B4-4E86-9676-E7E005274048\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E70C455-E41C-4B17-847A-5F4281139252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.5as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DD0A60B-6848-4B9A-B11D-2C2952D2D48C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.5s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64A07329-3A7D-4483-AE69-4786FEB23D92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.6as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F84E4463-DB0F-4B06-B403-B3606B386F02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.6bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08D377F-EBEC-4234-8628-2CFD04E43CB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.6s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"665ACEAC-AE81-40F7-8A01-E8DB9DD7DD7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.7as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAE50185-23ED-4640-9037-E45810793C85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.7s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96637FB9-B552-417B-8C7F-4F4524F69690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.8s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DA6851D-6DC1-403F-A511-EE996FE832F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.9s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7C97617-6574-4EFD-8408-A9E21A56E1AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.13.10s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB188B71-4CF0-49EA-BA00-10FEDF994D70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD803F59-1CD2-4CA9-9EB1-3CC4ABCD9547\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9247665-BBE7-4DEF-B97B-4981A0EA5CE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E61E0102-B9B6-41F4-9041-0A5F144D849A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"579C9E7F-6AE4-4DF5-ABCF-DB390E4669E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.14.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A076E1F-3457-410A-8AB6-64416ECB20A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAD93CD1-4188-40B7-A20E-9C3FE8344A27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.1cs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EEAB7F8-EAB5-4E7A-8A1B-38EC16D601FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2972E680-5A19-4858-9B35-0B959ED319A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.1xbs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BF22C29-84DF-44CA-B574-FE04AB39E344\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BFE916-916F-4936-A331-21A0E8193920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.2xbs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2C7C0BA-D618-4B65-B42C-43393167EEE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0EC9A19-26E6-4E69-B4E7-852CB6327EAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.15.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C5484A4-D116-4B79-8369-47979E20AACA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.0as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97410577-A005-49B6-981C-535B3484E72F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.0bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3420FB4D-8A6A-4B37-A4AE-7B35BEEEAF71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.0cs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5568EABF-8F43-4A87-8DE4-A03E9065BE53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0E5BB91-B5E7-4961-87DC-26596E5EDED7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.1as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC72AA6D-9E18-49F7-95CA-A4A5D7A60E4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3822447-EB80-4DF2-B7F2-471F55BA99C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.2as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA0B441A-3A09-4A58-8A40-D463003A50BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.2bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51E1A64A-204D-4567-A2DC-EFEB2AE62B54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"970FD986-6D0E-441C-9BF3-C66A25763A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.3as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EEFD3AD-EFA2-4808-801E-B98E4C63AA76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1826C997-6D5D-480E-A12E-3048B6C61216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.4as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D136C95-F837-49AD-82B3-81C25F68D0EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.4bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C35B3F96-B342-4AFC-A511-7A735B961ECD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.4cs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E203E52-0A3A-4910-863D-05FEF537C9B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.4ds:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DED2D791-4142-4B9E-8401-6B63357536B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.4es:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B6442B5-A87E-493B-98D5-F954B5A001BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.4gs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8794DA1D-9EE8-4139-B8E9-061A73CFD5F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FBEF4B2-EA12-445A-823E-E0E5343A405E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.5as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EAC484-1C4F-4CA8-B8E1-6EE0E9497A4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.5bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0BC5E30-71D2-4C17-A1BA-0850A9BC7D50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.5s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"844E7CEC-5CB6-47AE-95F7-75693347C08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.6bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E50A67CE-EB1C-4BFA-AB40-BCF6CDF168BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.6s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"147A245E-9A5D-4178-A1AC-5B0D41C3B730\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.7as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"169D71B3-1CCE-4526-8D91-048212EEDF08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.7bs:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F66514-B9C4-422E-B68E-406608302E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.7s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2438157-4D9C-4E16-9D2A-759A8F6CDDE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.8s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12ECC01E-E59F-4AED-AE51-7EE6B5E717E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.9s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABC524BA-544C-49B9-A9D6-800D25556532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.10as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02A07FC8-5649-4A64-8B94-507524FE4551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.16.10s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BC99316-75AC-45EB-B6BB-DB014ED08ECA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.17.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12793F39-13C4-4DBC-9B78-FE361BDDF89D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.17.1as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AEF94C7-CEE6-4696-9F1D-549639A831C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.17.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"876767C7-0196-4226-92B1-DDE851B53655\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.17.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0141D67B-632F-48ED-8837-4CC799616C57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.17.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"141FFB5E-EA72-4FC1-B87A-B5E2D5FCFE2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.17.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE444B39-D025-471B-835E-88671212ACAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.0as:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE390091-D382-4436-BBB4-D4C33E4F6714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.0s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE81AA43-88D4-4EFC-B8F6-A41EFF437819\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.0sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C18E6308-7A34-43E3-9AD8-5FB52B31ACB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1asp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A667AEC6-57E3-4D67-A02E-F0BAEBCE16DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1bsp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80EE163D-D9EC-46A1-826A-54F8F3A3FFBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1csp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CE4CFE4-C00F-4FAE-8FDF-F6C92E92838D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1gsp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE3170E3-0BCC-4C5F-8E6C-5E91E8C4E7A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1hsp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CCDB353-DD15-4C91-AD2A-73649C012E08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1isp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D7DAAE1-BB3F-4FBA-A6ED-3BABC9196C1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BEBCBF7-D1CF-488F-BB3E-F864F901A96A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.1sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06BBE88E-FEFB-4B90-91D1-4F053FA0EA47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.2asp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D43FA49-1F9D-4FD0-AF18-6E9AB6DF702F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8CCA19-1D1C-45C0-A1A0-CED5885AD580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.2sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"014224BF-926E-470C-A133-84036D8AD533\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.3asp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10B0DE46-C4C4-4DA1-A4CD-9627F13FED3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.3bsp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B58E818D-03BB-4FE4-946B-B967E9764DA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4063CCF8-19BE-4411-B71B-147BB146700B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.3sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DE8E0D1-E4AD-4648-BCF0-AE11B93D22B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"186ADB50-A4D4-4B32-884D-3195E7770346\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.4sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"334F278A-CFEB-4145-9D8D-EFC36A1BF258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.5sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B76F26E-7B1C-4894-8CDD-4BA1243E4EAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.6sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5FB99D7-CDA9-4C3E-9DBB-3AC1CEBA4D90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.7sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63D05DBA-D3F0-492B-9976-54A7E46F315E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.8asp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"596E09DB-97B1-4DCE-AC5E-18CC9ACCAFB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:3.18.8sp:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78224D59-5C86-4090-9645-170B6583C7E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ED5527C-A638-4E20-9928-099E32E17743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A685A9A-235D-4D74-9D6C-AC49E75709CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43052998-0A27-4E83-A884-A94701A3F4CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89526731-B712-43D3-B451-D7FC503D2D65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"302933FE-4B6A-48A3-97F0-4B943251B717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"296636F1-9242-429B-8472-90352C056106\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77993343-0394-413F-ABF9-C1215E9AD800\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"283971DD-DD58-4A76-AC2A-F316534ED416\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8F324A5-4830-482E-A684-AB3B6594CEAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8120196-8648-49D0-8262-CD4C9C90C37A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33E7CCE2-C685-4019-9B55-B3BECB3E5F76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0699DD6E-BA74-4814-93AB-300329C9D032\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2E2D781-2684-45F1-AC52-636572A0DCA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"479FB47B-AF2E-4FCB-8DE0-400BF325666C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF2B4C78-5C31-4F3D-9639-305E15576E79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C09F0A2-B21F-40ED-A6A8-9A29D6E1C6A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32BA13F4-EF9C-4368-B8B1-9FD9FAF5CEFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E8AF15-AB46-4EAB-8872-8C55E8601599\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"957318BE-55D4-4585-AA52-C813301D01C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F11B703-8A0F-47ED-AA70-951FF78B94A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE7B2557-821D-4E05-B5C3-67192573D97D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EE6EC32-51E4-43A3-BFB9-A0D842D08E87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"187F699A-AF2F-42B0-B855-27413140C384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0B905E-4D92-4FD6-B2FF-41FF1F59A948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62EDEC28-661E-42EF-88F0-F62D0220D2E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F821EBD7-91E2-4460-BFAF-18482CF6CB8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E36D2D24-8F63-46DE-AC5F-8DE33332EBC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9B825E6-5929-4890-BDBA-4CF4BD2314C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65020120-491D-46CD-8C73-974B6F4C11E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ADDCD0A-6168-45A0-A885-76CC70FE2FC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F35C623-6043-43A6-BBAA-478E185480CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D83E34F4-F4DD-49CC-9C95-93F9D4D26B42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2833EAE-94C8-4279-A244-DDB6E2D15DC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.5b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B688E46-5BAD-4DEC-8B13-B184B141B169\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C8F50DB-3A80-4D89-9F7B-86766D37338B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.7a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F13F583-F645-4DF0-A075-B4F19D71D128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB8DA556-ABF3-48D0-95B8-E57DBE1B5A09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"623BF701-ADC9-4F24-93C5-043A6A7FEF5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.7.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5311FBE-12BF-41AC-B8C6-D86007834863\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.7.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52FB055E-72F9-4CB7-A51D-BF096BD1A55D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FBD681F-7969-42BE-A47E-7C287755DCB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98255E6F-3056-487D-9157-403836EFB9D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"521ACFB0-4FB2-44DB-AD7B-C27F9059DE66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57D4F634-03D5-4D9F-901C-7E9CE45F2F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4463A1D1-E169-4F0B-91B2-FA126BB444CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D97F69C3-CAA6-491C-A0B6-6DC12B5AB472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDD58C58-1B0C-4A71-8C02-F555CEF9C253\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96852D16-AF50-4C70-B125-D2349E6765D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A15B882A-BA60-4932-A55E-F4A798B30EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C9C585C-A6EC-4385-B915-046C110BF95F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47DBE4ED-1CD8-4134-9B33-17A91F44F17B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"119A964D-ABC8-424D-8097-85B832A833BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0375BF9E-D04B-4E5B-9051-536806ECA44E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2266E5A2-B3F6-4389-B8E2-42CB845EC7F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"012A6CF7-9104-4882-9C95-E6D4458AB778\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AF5214D-9257-498F-A3EB-C4EC18E2FEB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78DE7780-4E8B-4BB6-BDEB-58032EC65851\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F29CEE37-4044-4A3C-9685-C9C021FD346A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DC5BB06-100F-42C9-8CEB-CC47FD26DDF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5292764A-7D1C-4E04-86EF-809CB68EDD25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E16D266-108F-4F8A-998D-F1CA25F2EAAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.3h:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F84AE35F-D016-4B8F-8FE2-C2ACB200DFED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41D55481-C80E-4400-9C3D-9F6B1F7F13CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4BF9829-F80E-4837-A420-39B291C4E17B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.4c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D07F9539-CFBE-46F7-9F5E-93A68169797D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5AB80E7-0714-44ED-9671-12C877B36A1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10182B94-6831-461E-B0FC-9476EAB6EBEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB6BD18B-B9BD-452F-986E-16A6668E46B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D136D2BC-FFB5-4912-A3B1-BD96148CB9A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CD5B3AB-27C2-4055-A3B7-0112D089FDA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04081A51-E08F-4114-9276-584E836181D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADED0D82-2A4D-4235-BFAC-5EE2D862B652\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62A46516-CEB7-48D4-879B-341963A1FA31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6EF98FA-6DF9-4935-9639-143E08462BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A443E93-6C4B-4F86-BA7C-7C2A929E795A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ECEDD9D-6517-44BA-A95F-D1D5488C0E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E91F8704-6DAD-474A-84EA-04E4AF7BB9B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"314C7763-A64D-4023-9F3F-9A821AE4151F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5820D71D-FC93-45AA-BC58-A26A1A39C936\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC1C85DD-69CC-4AA8-B219-651D57FC3506\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B53E377A-0296-4D7A-B97C-576B0026543D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C98DED36-D4B5-48D6-964E-EEEE97936700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD98C9E8-3EA6-4160-970D-37C389576516\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9027A528-2588-4C06-810B-5BB313FE4323\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7745ED34-D59D-49CC-B174-96BCA03B3374\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19AF4CF3-6E79-4EA3-974D-CD451A192BA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"313BD54C-073C-4F27-82D5-C99EFC3A20F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93B96E01-3777-4C33-9225-577B469A6CE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1z:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65FC3CC1-CF4F-4A2D-A500-04395AFE8B47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.1za:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"027200FC-8AD4-47E4-A404-490AE4F997EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5019B59-508E-40B0-9C92-2C26F58E2FBE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"443D78BA-A3DA-4D1F-A4DF-2F426DC6B841\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C6FB4DC-814D-49D2-BBE2-3861AE985A1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5750264-2990-4942-85F4-DB9746C5CA2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9173AD6-6658-4267-AAA7-D50D0B657528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F02EE9D-45B1-43D6-B05D-6FF19472216B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E306B09C-CB48-4067-B60C-5F738555EEAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD446C51-E713-4E46-8328-0A0477D140D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89369318-2E83-489F-B872-5F2E247BBF8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B51FA707-8DB1-4596-9122-D4BFEF17F400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C04DF35A-1B6F-420A-8D84-74EB41BF3700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"211CC9B2-6108-4C50-AB31-DC527C43053E\"}]}]}],\"references\":[{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe\", \"name\": \"20210324 Cisco IOS XE Software Arbitrary Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T16:11:17.059Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-1398\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T20:19:41.950697Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T20:39:20.275Z\"}}], \"cna\": {\"title\": \"Cisco IOS XE Software Arbitrary Code Execution Vulnerability\", \"source\": {\"defect\": [[\"CSCvu61463\"]], \"advisory\": \"cisco-sa-XE-ACE-75K3bRWe\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.8, \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco IOS XE Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2021-03-24T00:00:00\", \"references\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe\", \"name\": \"20210324 Cisco IOS XE Software Arbitrary Code Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-489\", \"description\": \"CWE-489\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2021-03-24T20:07:09\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"6.8\", \"vectorString\": \"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\"}}, \"source\": {\"defect\": [[\"CSCvu61463\"]], \"advisory\": \"cisco-sa-XE-ACE-75K3bRWe\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco IOS XE Software\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-XE-ACE-75K3bRWe\", \"name\": \"20210324 Cisco IOS XE Software Arbitrary Code Execution Vulnerability\", \"refsource\": \"CISCO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the boot logic of Cisco IOS XE Software could allow an authenticated, local attacker with level 15 privileges or an unauthenticated attacker with physical access to execute arbitrary code on the underlying Linux operating system of an affected device. This vulnerability is due to incorrect validations of specific function arguments that are passed to the boot script. An attacker could exploit this vulnerability by tampering with a specific file, which an affected device would process during the initial boot process. On systems that are protected by the Unified Extensible Firmware Interface (UEFI) secure boot feature, a successful exploit could allow the attacker to execute unsigned code at boot time and bypass the image verification check in the secure boot process of the affected device.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-489\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2021-1398\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco IOS XE Software Arbitrary Code Execution Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2021-03-24T16:00:00\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-1398\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-08T23:33:24.738Z\", \"dateReserved\": \"2020-11-13T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2021-03-24T20:07:09.496032Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.