logo

CVE-2022-20821 - Cisco IOS XR Open Port Vulnerability

Project:Cisco

Product:IOS XR

Date Added:2022-05-23Due Date:2022-06-13

Vulnerability Name

Cisco IOS XR Open Port Vulnerability

Description

Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2022-20821