VYPR

iOS Xr

by Cisco Systems, Inc.

CVEs (99)

  • CVE-2015-4205Jun 23, 2015
    risk 0.00cvss epss 0.01

    Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.

  • CVE-2015-4195Jun 19, 2015
    risk 0.00cvss epss 0.02

    Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, and SSH and TELNET outage) via a crafted disconnect action within an SSH session, aka Bug ID CSCul63127.

  • CVE-2015-4191Jun 19, 2015
    risk 0.00cvss epss 0.03

    Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.

  • CVE-2015-0776Jun 12, 2015
    risk 0.00cvss epss 0.01

    telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566.

  • CVE-2015-0769Jun 12, 2015
    risk 0.00cvss epss 0.02

    Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a denial of service (NPU ASIC scan and line-card reload) via crafted IPv6 extension headers, aka Bug ID CSCtx03546.

  • CVE-2015-0695Apr 17, 2015
    risk 0.00cvss epss 0.03

    Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering…

  • CVE-2015-0694Apr 11, 2015
    risk 0.00cvss epss 0.02

    Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug…

  • CVE-2015-0672Mar 26, 2015
    risk 0.00cvss epss 0.02

    The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.

  • CVE-2015-0661Mar 6, 2015
    risk 0.00cvss epss 0.01

    The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via a malformed SNMP packet, aka Bug ID CSCur25858.

  • CVE-2015-0657Mar 6, 2015
    risk 0.00cvss epss 0.01

    Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192.

  • CVE-2015-0618Feb 21, 2015
    risk 0.00cvss epss 0.02

    Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID…

  • CVE-2014-8014Dec 18, 2014
    risk 0.00cvss epss 0.01

    Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCub63710.

  • CVE-2014-8005Nov 26, 2014
    risk 0.00cvss epss 0.01

    Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing many TCP sessions, aka Bug ID CSCuq45239.

  • CVE-2014-8004Nov 25, 2014
    risk 0.00cvss epss 0.02

    Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.

  • CVE-2014-3396Oct 5, 2014
    risk 0.00cvss epss 0.01

    Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.

  • CVE-2014-3379Sep 20, 2014
    risk 0.00cvss epss 0.01

    Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466.

  • CVE-2014-3378Sep 20, 2014
    risk 0.00cvss epss 0.02

    tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACACS+ packet, aka Bug ID CSCum00468.

  • CVE-2014-3377Sep 20, 2014
    risk 0.00cvss epss 0.01

    snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malformed SNMPv2 packet, aka Bug ID CSCun67791.

  • CVE-2014-3376Sep 20, 2014
    risk 0.00cvss epss 0.02

    Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031.

  • CVE-2014-3342Sep 12, 2014
    risk 0.00cvss epss 0.01

    The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CSCuq42336, CSCuq76853, CSCuq76873, and CSCuq45383.