Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CiscoIos Xr7.2.0

14 matches found

CVE
CVEadded 2024/09/11 5:15 p.m.110 views

CVE-2024-20381

A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the web-based management interfaces of Cisco Optical Site Manager and Cisco RV340 Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to modify the con...

8.8CVSS8.6AI score0.00236EPSS
CVE
CVEadded 2024/09/11 5:15 p.m.75 views

CVE-2024-20398

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI c...

8.8CVSS8.1AI score0.00243EPSS
CVE
CVEadded 2024/11/15 4:15 p.m.74 views

CVE-2022-20846

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device.This vulnerability is due to a heap buffer overflow in certain Cisco Discovery Pro...

4.3CVSS5.3AI score0.01106EPSS
CVE
CVEadded 2021/02/04 5:15 p.m.71 views

CVE-2021-1243

A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to allow connections despite the management plane protection that is configured to deny access ...

7.5CVSS6.5AI score0.00548EPSS
CVE
CVEadded 2025/03/12 4:15 p.m.70 views

CVE-2025-20115

A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to a memory corruption that occurs when a BGP update is created with...

8.6CVSS7.6AI score0.00527EPSS
CVE
CVEadded 2021/02/04 5:15 p.m.65 views

CVE-2021-1268

A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause an IPv6 flood on the management interface network of an affected device. The vulnerability exists because the software incorrectly forwards ...

7.4CVSS6.8AI score0.00124EPSS
CVE
CVEadded 2025/05/07 6:15 p.m.59 views

CVE-2025-20154

A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. For Cisco IOS XR Software, this...

8.6CVSS8.5AI score0.00233EPSS
CVE
CVEadded 2024/03/13 5:15 p.m.54 views

CVE-2024-20319

A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This vulnerability is due to incorrect ...

4.3CVSS4.8AI score0.00018EPSS
CVE
CVEadded 2025/03/12 4:15 p.m.54 views

CVE-2025-20209

A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An...

7.5CVSS7.4AI score0.00143EPSS
CVE
CVEadded 2021/02/04 5:15 p.m.53 views

CVE-2021-1389

A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due ...

6.5CVSS6.1AI score0.00226EPSS
CVE
CVEadded 2024/09/11 5:15 p.m.49 views

CVE-2024-20343

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file system of the underlying Linux operating system. The attacker must have valid credentials on the affected device. This vulnerability is due to incorrect validation of the ar...

5.5CVSS5.2AI score0.00097EPSS
CVE
CVEadded 2021/02/04 5:15 p.m.48 views

CVE-2021-1128

A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information than their privileges allow. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit th...

5.5CVSS5.4AI score0.00064EPSS
CVE
CVEadded 2020/08/17 6:15 p.m.47 views

CVE-2020-3449

A vulnerability in the Border Gateway Protocol (BGP) additional paths feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent authorized users from monitoring the BGP status and cause the BGP process to stop processing new updates, resulting in a denial of servic...

4.3CVSS4.8AI score0.00456EPSS
CVE
CVEadded 2025/02/05 5:15 p.m.41 views

CVE-2025-20172

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker co...

7.7CVSS7.1AI score0.00092EPSS