IOS XR Software
CVEs (292)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-20137 | | Med | 0.31 | 4.7 | 0.00 | | May 7, 2025 | A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the… |
| CVE-2019-1758 | | Med | 0.31 | 4.7 | 0.01 | | Mar 28, 2019 | A vulnerability in 802.1x function of Cisco IOS Software on the Catalyst 6500 Series Switches could allow an unauthenticated, adjacent attacker to access the network prior to authentication. The vulnerability is due to how the 802.1x packets are handled in the process path. An… |
| CVE-2023-20064 | | Med | 0.30 | 4.6 | 0.00 | | Mar 9, 2023 | A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line. This vulnerability is due to the inclusion… |
| CVE-2017-12289 | | Med | 0.29 | 4.4 | 0.00 | | Oct 19, 2017 | A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec… |
| CVE-2025-20151 | | Med | 0.28 | 4.3 | 0.00 | | May 7, 2025 | A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to… |
| CVE-2022-20846 | | Med | 0.28 | 4.3 | 0.01 | | Nov 15, 2024 | A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device. This vulnerability is due to a heap buffer… |
| CVE-2024-20434 | | Med | 0.28 | 4.3 | 0.00 | | Sep 25, 2024 | A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker… |
| CVE-2024-20319 | | Med | 0.28 | 4.3 | 0.00 | | Mar 13, 2024 | A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass configured management plane protection policies and access the Simple Network Management Plane (SNMP) server of an affected device. This… |
| CVE-2023-20233 | | Med | 0.28 | 4.3 | 0.00 | | Sep 13, 2023 | A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect processing of invalid… |
| CVE-2020-3449 | | Med | 0.28 | 4.3 | 0.01 | | Aug 17, 2020 | A vulnerability in the Border Gateway Protocol (BGP) additional paths feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent authorized users from monitoring the BGP status and cause the BGP process to stop processing new updates, resulting… |
| CVE-2018-0257 | | Med | 0.28 | 4.3 | 0.01 | | Apr 19, 2018 | A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the… |
| CVE-2017-12279 | | Med | 0.28 | 4.3 | 0.01 | | Nov 2, 2017 | A vulnerability in the packet processing code of Cisco IOS Software for Cisco Aironet Access Points could allow an unauthenticated, adjacent attacker to retrieve content from memory on an affected device, which could lead to the disclosure of confidential information. The… |
| CVE-2017-12213 | | Med | 0.28 | 4.3 | 0.01 | | Sep 7, 2017 | A vulnerability in the dynamic access control list (ACL) feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dynamic ACL assignment to fail and the port to fail open. This could allow the… |
| CVE-2025-20144 | | Med | 0.26 | 4.0 | 0.00 | | Mar 12, 2025 | A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of… |
| CVE-2016-6450 | | Low | 0.16 | 2.5 | 0.00 | | Nov 19, 2016 | A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. This vulnerability affects the following products if they are running a vulnerable release… |
| CVE-2025-20352 | | | 0.12 | — | 0.38 | KEV | Sep 24, 2025 | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device… |
| CVE-2025-20363 | | | 0.01 | — | 0.08 | | Sep 25, 2025 | A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker… |
| CVE-2026-20113 | | | 0.00 | — | 0.00 | | Mar 25, 2026 | A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to… |
| CVE-2026-20114 | | | 0.00 | — | 0.00 | | Mar 25, 2026 | A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability… |
| CVE-2026-20083 | | | 0.00 | — | 0.00 | | Mar 25, 2026 | A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of a… |