Ios Xr@3.8.0 Security Vulnerabilities and Issues — Ios Xr@3.8.0 CVE List

Lucene search

CiscoIos Xr3.8.0

12 matches found

CVE•added 2009/08/19 5:30 p.m.•940 views

CVE-2009-2055

Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.

4.3CVSS6.5AI score0.01238EPSS

CVE•added 2016/05/29 10:59 p.m.•106 views

CVE-2016-1409

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in ...

7.5CVSS7.1AI score0.04038EPSS

CVE•added 2009/08/21 5:30 p.m.•57 views

CVE-2009-1154

Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute.

3.3CVSS6.8AI score0.00474EPSS

CVE•added 2011/05/31 8:55 p.m.•44 views

CVE-2011-0949

Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2014/09/20 10:55 a.m.•40 views

CVE-2014-3378

tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.

5CVSS6.8AI score0.01913EPSS

CVE•added 2009/08/21 5:30 p.m.•39 views

CVE-2009-2056

Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.

3.3CVSS6.3AI score0.00474EPSS

CVE•added 2014/09/20 10:55 a.m.•38 views

CVE-2014-3376

Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.

5CVSS6.8AI score0.01913EPSS

CVE•added 2016/05/25 1:59 a.m.•37 views

CVE-2016-1407

Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.

7.5CVSS7.4AI score0.01315EPSS

CVE•added 2014/09/20 10:55 a.m.•36 views

CVE-2014-3379

Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466.

6.1CVSS7AI score0.01161EPSS

CVE•added 2012/05/02 10:9 a.m.•35 views

CVE-2011-3295

The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow remote attackers to cause a denial of service (CPU consumption) via crafted network traffic, aka Bug ID CSCti59888.

7.8CVSS6.8AI score0.00602EPSS

CVE•added 2016/03/12 2:59 a.m.•32 views

CVE-2016-1361

Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.

5.3CVSS5.3AI score0.00101EPSS

CVE•added 2014/09/20 10:55 a.m.•31 views

CVE-2014-3377

snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.

4CVSS6.4AI score0.01633EPSS