Boletines de Vulnerabilidades

Cisco IOS XR Software SNMP Management Plane Protection ACL Bypass Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect UDP forwarding programming when using SNMP with management plane protection. An attacker could exploit this vulnerability by attempting to perform an SNMP operation using broadcast as the destination

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-uhv6ZDeF?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20IOS%20XR%20Software%20SNMP%20Management%20Plane%20Protection%20ACL%20Bypass%20Vulnerability&vs_k=1

Identificadores estándar
Propiedad Valor
CVE CVE-2024-20319.

Histórico de versiones
Versión Comentario Fecha

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT