What is CVE-2021-34722?

CVE-2021-34722 is a medium-severity vulnerability in Cisco 8101-32fh, classified under OS Command Injection. CVSS score: 6.7/10. Published 2021-09-09.

How severe is CVE-2021-34722?

Medium severity. CVSS v3 base score is 6.7 out of 10.

RCE in Cisco 8101-32fh

CVE-2021-34722

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more infor…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.003 (18.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco 8101-32fh
Cisco 8101-32h
Cisco 8102-64h
Cisco 8201
Cisco 8201-32fh
Cisco 8202
Cisco 8804
Cisco 8808
Cisco 8812
Cisco 8818

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

psirt@cisco.com (x_refsource_CISCO, vendor-advisory, Vendor Advisory)

Frequently asked questions

What is CVE-2021-34722?: CVE-2021-34722 is a medium-severity vulnerability in Cisco 8101-32fh, classified under OS Command Injection. CVSS score: 6.7/10. Published 2021-09-09.
How severe is CVE-2021-34722?: Medium severity. CVSS v3 base score is 6.7 out of 10.