CVE-2021-1243

Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software (affected versions not specified)

Description The issue is related to insufficient access control in the Local Packet Transport Services (LPTS) component of the SNMP protocol in Cisco IOS XR Software. This could allow a remote attacker to bypass existing security restrictions and connect to the device on configured SNMP ports, despite management plane protection being configured to deny access. Valid credentials are required to execute any SNMP requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.