VYPR

iOS Xr

by Cisco Systems, Inc.

CVEs (99)

  • CVE-2014-3343Sep 10, 2014
    risk 0.00cvss epss 0.02

    Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (DHCPv6 daemon crash) via a malformed DHCPv6 packet, aka Bug ID CSCuo59052.

  • CVE-2014-3353Sep 4, 2014
    risk 0.00cvss epss 0.03

    Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165.

  • CVE-2014-3335Aug 26, 2014
    risk 0.00cvss epss 0.01

    Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.

  • CVE-2014-3322Jul 24, 2014
    risk 0.00cvss epss 0.01

    Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.

  • CVE-2014-3321Jul 18, 2014
    risk 0.00cvss epss 0.01

    Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.

  • CVE-2014-3308Jul 7, 2014
    risk 0.00cvss epss 0.03

    Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.

  • CVE-2014-2176Jun 14, 2014
    risk 0.00cvss epss 0.03

    Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.

  • CVE-2014-3271May 20, 2014
    risk 0.00cvss epss 0.02

    The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug IDs CSCum85558, CSCum20949, CSCul61849, and CSCul71149.

  • CVE-2014-3270May 20, 2014
    risk 0.00cvss epss 0.02

    The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924.

  • CVE-2014-2144Apr 5, 2014
    risk 0.00cvss epss 0.01

    Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4 and IPv6 transit outage) via crafted redirect messages, aka Bug ID CSCum14266.

  • CVE-2013-6700Nov 29, 2013
    risk 0.00cvss epss 0.01

    The SNMP module in Cisco IOS XR allows remote attackers to cause a denial of service (process reload) via a request for an unspecified MIB, aka Bug ID CSCuh43144.

  • CVE-2013-5565Nov 8, 2013
    risk 0.00cvss epss 0.01

    The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (process crash) via a malformed LSA Type-1 packet, aka Bug ID CSCuj82176.

  • CVE-2013-5549Oct 25, 2013
    risk 0.00cvss epss 0.02

    Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote attackers to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka Bug ID…

  • CVE-2013-5503Oct 2, 2013
    risk 0.00cvss epss 0.01

    The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon detecting full packet queues, which allows remote attackers to cause a denial of service (memory consumption) via UDP packets to listening ports, aka Bug ID CSCue69413.

  • CVE-2013-5498Sep 27, 2013
    risk 0.00cvss epss 0.02

    The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via crafted packet streams, aka Bug ID CSCue91963.

  • CVE-2013-3470Aug 30, 2013
    risk 0.00cvss epss 0.03

    The RIP process in Cisco IOS XR allows remote attackers to cause a denial of service (process crash) via a crafted version-2 RIP packet, aka Bug ID CSCue46731.

  • CVE-2013-3464Aug 13, 2013
    risk 0.00cvss epss 0.00

    Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling, and device reload) by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347.

  • CVE-2013-1204May 23, 2013
    risk 0.00cvss epss 0.01

    Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or process reload) by sending many port-162 UDP packets, aka Bug ID CSCug80345.

  • CVE-2013-1234May 3, 2013
    risk 0.00cvss epss 0.01

    The SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (process restart) via crafted SNMP packets, aka Bug ID CSCue69472.

  • CVE-2013-1216Apr 29, 2013
    risk 0.00cvss epss 0.01

    Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption and process restart) via crafted SNMP packets, aka Bug ID CSCue31546.

Page 4 of 5