Cisco · Cisco Ios Xr · CVE-2020-3530
Name of the Vulnerable Software and Affected Versions:
Cisco IOS XR Software (affected versions not specified)
Description:
The issue is related to errors in privilege management in the command-line interface (CLI) of Cisco IOS XR Software. This could allow an authenticated, local attacker with valid credentials on the affected device to execute a specific CLI command that should require administrative privileges. The vulnerability is due to incorrect mapping in the source code of task group assignments for a specific command. A successful exploit could allow the attacker to invalidate the integrity of the disk and cause the device to restart, potentially affecting the availability and integrity of protected information.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.