VYPR

iOS Xr Software

by Cisco Systems, Inc.

CVEs (285)

  • CVE-2019-16022HigJan 26, 2020
    risk 0.56cvss 8.6epss 0.01

    Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect…

  • CVE-2019-16020HigJan 26, 2020
    risk 0.56cvss 8.6epss 0.01

    Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect…

  • CVE-2019-15989HigJan 26, 2020
    risk 0.56cvss 8.6epss 0.01

    A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update…

  • CVE-2019-1686HigApr 17, 2019
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is…

  • CVE-2019-1751HigMar 28, 2019
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the Network Address Translation 64 (NAT64) functions of Cisco IOS Software could allow an unauthenticated, remote attacker to cause either an interface queue wedge or a device reload. The vulnerability is due to the incorrect handling of certain IPv4 packet…

  • CVE-2019-1747HigMar 28, 2019
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the implementation of the Short Message Service (SMS) handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability…

  • CVE-2019-1740HigMar 28, 2019
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. This vulnerability are due to a parsing issue on DNS packets. An…

  • CVE-2019-1737HigMar 27, 2019
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the processing of IP Service Level Agreement (SLA) packets by Cisco IOS Software and Cisco IOS XE software could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The…

  • CVE-2018-15377HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due…

  • CVE-2018-0485HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the…

  • CVE-2018-0473HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the Precision Time Protocol (PTP) subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets.…

  • CVE-2018-0470HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the web framework of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to the affected software…

  • CVE-2018-0467HigOct 5, 2018
    risk 0.56cvss 8.6epss 0.04

    A vulnerability in the IPv6 processing code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of specific IPv6 hop-by-hop options. An attacker could exploit this…

  • CVE-2018-0164HigMar 28, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge. The vulnerability is due to incorrect handling of crafted IPv6 packets. An attacker could exploit this…

  • CVE-2018-0157HigMar 28, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. The vulnerability is due to the way fragmented packets are handled in the firewall code. An attacker could exploit this…

  • CVE-2018-0132HigFeb 8, 2018
    risk 0.56cvss 8.6epss 0.02

    A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The…

  • CVE-2018-0136HigJan 31, 2018
    risk 0.56cvss 8.6epss 0.03

    A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service…

  • CVE-2024-20489HigSep 11, 2024
    risk 0.55cvss 8.4epss 0.00

    A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with low privileges to obtain the MongoDB credentials. This vulnerability is due to improper storage of the unencrypted database credentials on the…

  • CVE-2023-20109MedKEVSep 27, 2023
    risk 0.55cvss 6.6epss 0.02

    A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an…

  • CVE-2022-20821MedKEVMay 26, 2022
    risk 0.55cvss 6.5epss 0.12

    A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon…

Page 4 of 15