Ios Xr Security Vulnerabilities and Issues — Ios Xr CVE List

Lucene search

CiscoIos Xr

16 matches found

CVE•added 2022/05/26 2:15 p.m.•1055 views

CVE-2022-20821

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker...

6.5CVSS6.8AI score0.13178EPSS

CVE•added 2019/07/06 2:15 a.m.•427 views

CVE-2019-1909

A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update me...

6.8CVSS6.2AI score0.00527EPSS

CVE•added 2023/09/13 5:15 p.m.•65 views

CVE-2023-20233

A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect processing of invalid continuity check messages (CCM...

6.5CVSS6.5AI score0.00149EPSS

CVE•added 2021/09/09 5:15 a.m.•53 views

CVE-2021-34721

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section ...

6.9CVSS7AI score0.00095EPSS

CVE•added 2021/02/04 5:15 p.m.•52 views

CVE-2021-1389

A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due ...

6.5CVSS6.1AI score0.00281EPSS

CVE•added 2021/09/09 5:15 a.m.•51 views

CVE-2021-34709

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...

6.9CVSS6.6AI score0.00024EPSS

CVE•added 2025/03/12 4:15 p.m.•50 views

CVE-2025-20143

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on ...

6.7CVSS7AI score0.00016EPSS

CVE•added 2014/07/07 11:1 a.m.•48 views

CVE-2014-3308

Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.

6.4CVSS6.9AI score0.01418EPSS

CVE•added 2018/10/05 2:29 p.m.•48 views

CVE-2018-15428

A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker co...

6.8CVSS6.7AI score0.00541EPSS

CVE•added 2021/02/04 5:15 p.m.•48 views

CVE-2021-1244

Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

6.7CVSS6.7AI score0.00023EPSS

CVE•added 2021/02/04 5:15 p.m.•46 views

CVE-2021-1136

6.7CVSS6.7AI score0.00023EPSS

CVE•added 2016/03/24 10:59 p.m.•45 views

CVE-2016-1366

The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848.

6.8CVSS6.2AI score0.00156EPSS

CVE•added 2014/04/05 4:1 a.m.•44 views

CVE-2014-2144

Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.

6.1CVSS6.8AI score0.00138EPSS

CVE•added 2014/07/24 2:55 p.m.•42 views

CVE-2014-3322

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

6.1CVSS7AI score0.0067EPSS

CVE•added 2017/06/13 6:29 a.m.•37 views

CVE-2017-6666

A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an authenticated, local attacker to cause the router to stop forwarding data traffic across Traffic Engineering (TE) tunnels, resulting in a denial of serv...

6CVSS5.8AI score0.00074EPSS

CVE•added 2014/09/20 10:55 a.m.•36 views

CVE-2014-3379

Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466.

6.1CVSS7AI score0.01161EPSS