How severe is CVE-2021-34708?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2021-34708?

This is classified as CWE-347, which is a common weakness in software security.

CVE-2021-34708

MEDIUM Year: 2021

CVSS v3 Score

6.7

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-347

View all →

Vulnerability Description

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2017-12331

MEDIUM

CVSS:6.7(Medium)

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software patch. The vulnerability is due to insufficient NX-...

CWE-3472017

CVE-2017-12333

MEDIUM

CVSS:6.7(Medium)

A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software image. The vulnerability is due to insufficient NX-...

CWE-3472017

CVE-2017-8190

MEDIUM

CVSS:6.7(Medium)

FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the cryptographic signature. An attacker with high priv...

CWE-3472017

CVE-2018-15374

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install a malicious software image or file on an affected device. The vulnera...

CWE-3472018

CVE-2019-12649

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the Image Verification feature of Cisco IOS XE Software could allow an authenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on a...

CWE-3472019

CVE-2019-12662

MEDIUM

CVSS:6.7(Medium)

A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software could allow an authenticated, local attacker with valid administrator or privilege level 15 credentials to load a virtual service imag...

CWE-3472019

CVE-2021-34708

Vulnerability Description

Related Vulnerabilities

CVE-2017-12331

CVE-2017-12333

CVE-2017-8190

CVE-2018-15374

CVE-2019-12649

CVE-2019-12662