Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Ios Xr
Total 173 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-0694 1 Cisco 7 Asr 9001, Asr 9006, Asr 9010 and 4 more 2024-02-28 5.0 MEDIUM N/A
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.
CVE-2014-3335 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2024-02-28 4.6 MEDIUM N/A
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.
CVE-2014-8005 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239.
CVE-2014-3271 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.
CVE-2014-3308 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2024-02-28 6.4 MEDIUM N/A
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.
CVE-2014-8004 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.
CVE-2014-3376 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.
CVE-2014-8014 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710.
CVE-2015-0661 1 Cisco 1 Ios Xr 2024-02-28 4.0 MEDIUM N/A
The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via a malformed SNMP packet, aka Bug ID CSCur25858.
CVE-2014-3353 1 Cisco 1 Ios Xr 2024-02-28 7.1 HIGH N/A
Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.
CVE-2014-3321 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2024-02-28 5.7 MEDIUM N/A
Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.
CVE-2014-3322 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2024-02-28 6.1 MEDIUM N/A
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.
CVE-2014-2176 1 Cisco 7 Asr 9001, Asr 9006, Asr 9010 and 4 more 2024-02-28 7.1 HIGH N/A
Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.
CVE-2014-3342 1 Cisco 2 Cli, Ios Xr 2024-02-28 4.0 MEDIUM N/A
The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.
CVE-2014-3396 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2024-02-28 7.5 HIGH N/A
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.
CVE-2015-0657 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192.
CVE-2014-3270 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.
CVE-2014-3377 1 Cisco 1 Ios Xr 2024-02-28 4.0 MEDIUM N/A
snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.
CVE-2014-3378 1 Cisco 1 Ios Xr 2024-02-28 5.0 MEDIUM N/A
tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.
CVE-2014-2144 1 Cisco 1 Ios Xr 2024-02-28 6.1 MEDIUM N/A
Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.