Filtered by vendor Cisco
Subscriptions
Filtered by product Ios Xr
Subscriptions
Total
173 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-0695 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2024-08-06 | N/A |
Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957. | ||||
CVE-2015-0661 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via a malformed SNMP packet, aka Bug ID CSCur25858. | ||||
CVE-2015-0618 | 1 Cisco | 3 Carrier Routing System, Ios Xr, Network Convergence System 6000 | 2024-08-06 | N/A |
Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241. | ||||
CVE-2015-0672 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2024-08-06 | N/A |
The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822. | ||||
CVE-2015-0657 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192. | ||||
CVE-2016-9215 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. More Information: CSCva38434. Known Affected Releases: 6.1.1.BASE. | ||||
CVE-2016-9205 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition. More Information: CSCvb14425. Known Affected Releases: 6.1.1.BASE. Known Fixed Releases: 6.1.2.6i.MGBL 6.1.22.9i.MGBL 6.2.1.14i.MGBL. | ||||
CVE-2016-6421 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643. | ||||
CVE-2016-6428 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349. | ||||
CVE-2016-6355 | 1 Cisco | 1 Ios Xr | 2024-08-06 | N/A |
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote attackers to cause a denial of service (control-plane protocol outage) via crafted fragmented packets, aka Bug ID CSCux26791. | ||||
CVE-2016-1456 | 1 Cisco | 1 Ios Xr | 2024-08-05 | N/A |
The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to execute arbitrary OS commands in a privileged context by leveraging unspecified container access, aka Bug ID CSCuz62721. | ||||
CVE-2016-1426 | 1 Cisco | 2 Ios Xr, Network Convergence System 6000 | 2024-08-05 | N/A |
Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819. | ||||
CVE-2016-1407 | 1 Cisco | 7 Asr 9001, Asr 9006, Asr 9010 and 4 more | 2024-08-05 | N/A |
Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576. | ||||
CVE-2016-1409 | 1 Cisco | 4 Ios, Ios Xe, Ios Xr and 1 more | 2024-08-05 | N/A |
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016. | ||||
CVE-2016-1433 | 1 Cisco | 1 Ios Xr | 2024-08-05 | N/A |
Cisco IOS XR 6.0 and 6.0.1 on NCS 6000 devices allows remote attackers to cause a denial of service (OSPFv3 process reload) via crafted OSPFv3 packets, aka Bug ID CSCuz66289. | ||||
CVE-2016-1376 | 1 Cisco | 1 Ios Xr | 2024-08-05 | N/A |
Cisco IOS XR 4.2.3, 4.3.0, 4.3.4, and 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (CRC and symbol errors, and interface flap) via crafted bit patterns in packets, aka Bug ID CSCuv78548. | ||||
CVE-2016-1366 | 1 Cisco | 1 Ios Xr | 2024-08-05 | N/A |
The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848. | ||||
CVE-2016-1361 | 1 Cisco | 5 Ios Xr, Xr 12404, Xr 12406 and 2 more | 2024-08-05 | N/A |
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900. | ||||
CVE-2017-12355 | 1 Cisco | 1 Ios Xr | 2024-08-05 | N/A |
A vulnerability in the Local Packet Transport Services (LPTS) ingress frame-processing functionality of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause one of the LPTS processes on an affected system to restart unexpectedly, resulting in a brief denial of service (DoS) condition. The vulnerability is due to incomplete LPTS frame validation by the affected software. An attacker could exploit this vulnerability by sending crafted XML requests to the management interface of an affected system. A successful exploit could allow the attacker to cause one of the LPTS processes on the affected system to restart unexpectedly, which would impact LPTS traffic and cause a brief DoS condition while the process restarts. Cisco Bug IDs: CSCvf76332. | ||||
CVE-2017-12270 | 1 Cisco | 1 Ios Xr | 2024-08-05 | N/A |
A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnerability by sending a malformed HTTP/2 frame to the affected device. A successful exploit could allow the attacker to create a DoS condition when the emsd service stops. Cisco Bug IDs: CSCvb99388. |