Ios Xr@3.9.0 Security Vulnerabilities and Issues — Ios Xr@3.9.0 CVE List

Lucene search

CiscoIos Xr3.9.0

11 matches found

CVE•added 2016/05/29 10:59 p.m.•106 views

CVE-2016-1409

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in ...

7.5CVSS7.1AI score0.04038EPSS

CVE•added 2011/05/31 8:55 p.m.•44 views

CVE-2011-0949

Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/10/25 3:52 a.m.•43 views

CVE-2013-5549

Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote attackers to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCuh30380.

7.1CVSS6.8AI score0.00399EPSS

CVE•added 2014/09/20 10:55 a.m.•40 views

CVE-2014-3378

tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.

5CVSS6.8AI score0.01913EPSS

CVE•added 2014/09/20 10:55 a.m.•38 views

CVE-2014-3376

Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.

5CVSS6.8AI score0.01913EPSS

CVE•added 2016/05/25 1:59 a.m.•37 views

CVE-2016-1407

Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.

7.5CVSS7.4AI score0.01315EPSS

CVE•added 2011/05/31 8:55 p.m.•36 views

CVE-2011-1651

Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2014/09/20 10:55 a.m.•36 views

CVE-2014-3379

Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466.

6.1CVSS7AI score0.01161EPSS

CVE•added 2012/05/02 10:9 a.m.•35 views

CVE-2011-3295

The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow remote attackers to cause a denial of service (CPU consumption) via crafted network traffic, aka Bug ID CSCti59888.

7.8CVSS6.8AI score0.00602EPSS

CVE•added 2016/03/12 2:59 a.m.•32 views

CVE-2016-1361

Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.

5.3CVSS5.3AI score0.00101EPSS

CVE•added 2014/09/20 10:55 a.m.•31 views

CVE-2014-3377

snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.

4CVSS6.4AI score0.01633EPSS