Ios Xr@7.10.1 Security Vulnerabilities and Issues — Ios Xr@7.10.1 CVE List

Lucene search

CiscoIos Xr7.10.1

7 matches found

CVE•added 2024/09/11 5:15 p.m.•109 views

CVE-2024-20381

A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the con...

8.8CVSS8.6AI score0.00255EPSS

CVE•added 2024/09/11 5:15 p.m.•83 views

CVE-2024-20304

A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An atta...

8.6CVSS8AI score0.00137EPSS

CVE•added 2024/09/11 5:15 p.m.•73 views

CVE-2024-20398

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI c...

8.8CVSS8.1AI score0.00294EPSS

CVE•added 2024/03/13 5:15 p.m.•52 views

CVE-2024-20319

A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect ...

4.3CVSS4.8AI score0.00018EPSS

CVE•added 2024/09/11 5:15 p.m.•51 views

CVE-2024-20317

A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition. Thi...

7.4CVSS7.5AI score0.00077EPSS

CVE•added 2024/09/11 5:15 p.m.•46 views

CVE-2024-20343

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the ar...

5.5CVSS5.2AI score0.00104EPSS

CVE•added 2025/02/05 5:15 p.m.•40 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker co...

7.7CVSS7.1AI score0.00076EPSS