Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:cisco:ios_xr:2.0:*:*:*:*:*:*:*
There are 44 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2014-3377

snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.

Published: September 20, 2014; 6:55:04 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2014-3376

Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.

Published: September 20, 2014; 6:55:04 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-3342

The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.

Published: September 11, 2014; 9:55:06 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2014-3353

Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.

Published: September 04, 2014; 6:55:07 AM -0400
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2014-3335

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.

Published: August 26, 2014; 6:55:04 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2014-3322

Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

Published: July 24, 2014; 10:55:07 AM -0400
V3.x:(not available)
V2.0: 6.1 MEDIUM
CVE-2014-3321

Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.

Published: July 17, 2014; 8:55:04 PM -0400
V3.x:(not available)
V2.0: 5.7 MEDIUM
CVE-2014-3308

Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.

Published: July 07, 2014; 7:01:30 AM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2014-3271

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.

Published: May 20, 2014; 7:13:38 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-3270

The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.

Published: May 20, 2014; 7:13:38 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-2144

Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.

Published: April 05, 2014; 12:01:38 AM -0400
V3.x:(not available)
V2.0: 6.1 MEDIUM
CVE-2013-6700

The SNMP module in Cisco IOS XR allows remote attackers to cause a denial of service (process reload) via a request for an unspecified MIB, aka Bug ID CSCuh43144.

Published: November 28, 2013; 11:33:29 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-5498

The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via crafted packet streams, aka Bug ID CSCue91963.

Published: September 27, 2013; 4:55:04 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-3470

The RIP process in Cisco IOS XR allows remote attackers to cause a denial of service (process crash) via a crafted version-2 RIP packet, aka Bug ID CSCue46731.

Published: August 29, 2013; 9:55:08 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-1204

Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or process reload) by sending many port-162 UDP packets, aka Bug ID CSCug80345.

Published: May 23, 2013; 9:36:30 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-1234

The SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (process restart) via crafted SNMP packets, aka Bug ID CSCue69472.

Published: May 03, 2013; 7:57:44 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-1216

Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption and process restart) via crafted SNMP packets, aka Bug ID CSCue31546.

Published: April 29, 2013; 8:20:36 AM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2013-1162

The traffic engineering (TE) processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service (process restart) via crafted TE packets, aka Bug ID CSCue04000.

Published: March 25, 2013; 11:42:06 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-2488

Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.

Published: May 31, 2012; 6:17:38 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2009-2056

Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path.

Published: August 21, 2009; 1:30:00 PM -0400
V3.x:(not available)
V2.0: 3.3 LOW