Symptom
The product Cisco ASR 9000 XR 64-bit Series Routers may include an Intel CPU that is affected by one or more of the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID(s):
CVE-2021-0154 CVE-2021-0155 CVE-2021-0190 CVE-2021-33123 CVE-2021-33124 CVE-2022-21131 CVE-2022-21136
This bug was opened to address the potential impact on this product.
Conditions
Exposure is not configuration dependent.
Workaround
Not currently available.
Further Problem Description
Additional details about the vulnerabilities listed above can be found at http://cve.mitre.org/cve/cve.html
PSIRT Evaluation
The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 8.2:
https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
