Cisco Security Updates for IOS XR Software - 20240315001¶
Overview¶
Cisco released security updates for March 2024 to address vulnerabilities in its multiplae products. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device.
What is vulnerable?¶
| Product(s) Affected | Version | CVE | Severity | CVSS | Dated |
|---|---|---|---|---|---|
| PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software in Cisco ASR 9000 Series with Lightspeed and Lightspeed-Plus based line cards: A9K-16X100GE-TR; A99-16X100GE-X-SE; A99-32X100GE-TR; A9K-4HG-FLEX-TR; A9K-4HG-FLEX-SE; A99-4HG-FLEX-TR; A99-4HG-FLEX-SE; A9K-8HG-FLEX-TR; A9K-8HG-FLEX-SE; A9K-20HG-FLEX-TR; A9K-20HG-FLEX-SE; A99-32X100GE-X-TR; A99-32X100GE-X-SE; A99-10X400GE-X-TR; A99-10X400GE-X-SE |
7.8 and earlier 7.9 7.10 7.11 |
CVE-2024-20327 | High | 7.4 | 13 Mar, 2024 |
| SSH client feature of Cisco IOS XR Software in following Cisco products: 8000 Series Routers IOS XRd Control Plane IOS XRd vRouter NCS 540 Series Routers that are running the NCS540L images NCS 5700 Series Routers (NCS-57B1-5DSE-SYS, NCS-57B1-6D24-SYS, and NCS-57C1-48Q6-SYS) |
7.3.2 7.4 7.5 7.6 7.7 7.8 7.9 7.10 |
CVE-2024-20320 | High | 7.8 | 13 Mar, 2024 |
| Cisco IOS XR 64-bit Software with affected Layer 2 transport configuration enabled in following Cisco products: ASR 9000 Series Aggregation Services Routers that have a Lightspeed-based or Lightspeed-Plus-based line card installed ASR 9902 Compact High-Performance Routers ASR 9903 Compact High-Performance Routers IOS XRd vRouters IOS XRv 9000 Routers |
7.8 and earlier 7.9 7.10 |
CVE-2024-20318 | High | 7.4 | 13 Mar, 2024 |
| Cisco IOS XR Software iPXE Boot Signature Bypass Vulnerability | version | CVE-2023-20236 | High | 7.8 | 14 Mar, 2024 |
| Cisco IOS XR Software Authenticated CLI Secure Copy Protocol and SFTP Denial of Service Vulnerability | version | CVE-2024-20262 | Medium | 6.5 | 13 Mar, 2024 |
| Cisco IOS XR Software MPLS and Pseudowire Interfaces Access Control List Bypass Vulnerabilities | version | CVE-2024-20315 CVE-2024-20322 |
Medium | 5.8 | 13 Mar, 2024 |
| Cisco IOS XR Software DHCP Version 4 Server Denial of Service Vulnerability | version | CVE-2024-20266 | Medium | 5.3 | 13 Mar, 2024 |
| Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability | version | CVE-2024-20319 | Medium | 4.3 | 13 Mar, 2024 |
What has been observed?¶
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
Recommendation¶
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month (refer Patch Management):