Ios Xr@* Security Vulnerabilities and Issues — Ios Xr@* CVE List

Lucene search

CiscoIos Xr*

13 matches found

CVE•added 2014/09/12 1:55 a.m.•50 views

CVE-2014-3342

The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.

4CVSS5.9AI score0.00238EPSS

CVE•added 2014/07/07 11:1 a.m.•48 views

CVE-2014-3308

Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.

6.4CVSS6.9AI score0.01418EPSS

CVE•added 2014/07/18 1:0 a.m.•48 views

CVE-2014-3321

Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.

5.7CVSS6.8AI score0.00332EPSS

CVE•added 2014/04/05 4:1 a.m.•44 views

CVE-2014-2144

Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.

6.1CVSS6.8AI score0.00138EPSS

CVE•added 2014/07/24 2:55 p.m.•42 views

CVE-2014-3322

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

6.1CVSS7AI score0.0067EPSS

CVE•added 2014/11/25 5:59 p.m.•41 views

CVE-2014-8004

Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.

5CVSS6.8AI score0.00865EPSS

CVE•added 2014/05/20 11:13 a.m.•40 views

CVE-2014-3270

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.

5CVSS6.8AI score0.0098EPSS

CVE•added 2014/05/20 11:13 a.m.•39 views

CVE-2014-3271

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.

5CVSS6.8AI score0.0098EPSS

CVE•added 2014/08/26 10:55 a.m.•39 views

CVE-2014-3335

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.

4.6CVSS6.9AI score0.00679EPSS

CVE•added 2014/12/18 4:59 p.m.•39 views

CVE-2014-8014

Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710.

5CVSS6.8AI score0.00766EPSS

CVE•added 2014/09/04 10:55 a.m.•36 views

CVE-2014-3353

Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.

7.1CVSS6.8AI score0.025EPSS

CVE•added 2014/11/26 2:59 a.m.•35 views

CVE-2014-8005

Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239.

5CVSS6.9AI score0.00659EPSS

CVE•added 2014/10/05 1:55 a.m.•31 views

CVE-2014-3396

Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.

7.5CVSS7.1AI score0.00322EPSS