Ios Xr

ios_xr

Vendor: Cisco • 193 CVEs

CVEs (193)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-1456 1Cisco 1Ios Xr May 6, 2026 Jul 15, 2016 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to execute arbitrary OS commands in a privileged context by leveraging unspecified container access, aka Bug ID CSCuz62721.
CVE-2016-1426 1Cisco 1Ios Xr May 6, 2026 Jul 15, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Route Processor reload) via crafted SSH traffic, aka Bug ID CSCux76819.
CVE-2016-1409 1Cisco 4Ios Ios XeIos Xr+1 more May 6, 2026 May 29, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outag...Show more The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.Show less
CVE-2016-1407 1Cisco 1Ios Xr May 6, 2026 May 25, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP por...Show more Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to cause a denial of service (session drop) by making many connection attempts to open TCP ports, aka Bug ID CSCux95576.Show less
CVE-2016-1376 1Cisco 1Ios Xr May 6, 2026 Apr 12, 2016 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Cisco IOS XR 4.2.3, 4.3.0, 4.3.4, and 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (CRC and symbol errors, and interface flap) via crafted bit patterns in packets, aka Bug ID CSCuv78548.
CVE-2016-1366 1Cisco 1Ios Xr May 6, 2026 Mar 24, 2016 N/A· v4 6.5 MEDIUM· v3 6.8 MEDIUM· v2 The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwri...Show more The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for system files, which allows remote authenticated users to cause a denial of service (overwrite) via unspecified vectors, aka Bug ID CSCuw75848.Show less
CVE-2016-1361 1Cisco 1Ios Xr May 6, 2026 Mar 12, 2016 N/A· v4 5.3 MEDIUM· v3 4.6 MEDIUM· v2 Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of se...Show more Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Detection (BFD) header in a UDP packet, which allows remote attackers to cause a denial of service (line-card restart) via a crafted packet, aka Bug ID CSCuw56900.Show less
CVE-2015-6432 1Cisco 1Ios Xr May 6, 2026 Jan 5, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to...Show more Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows remote attackers to cause a denial of service (device reload) via a crafted update, aka Bug ID CSCuw83486.Show less
CVE-2015-6301 1Cisco 7Asr 9001 Asr 9006Asr 9010+4 more May 6, 2026 Sep 20, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.
CVE-2015-6297 1Cisco 1Ios Xr May 6, 2026 Sep 18, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun36525.
CVE-2015-4285 1Cisco 1Ios Xr May 6, 2026 Jul 23, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow bas...Show more The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes incorrect decisions about the opening of TCP and UDP ports during the processing of flow base entries, which allows remote attackers to cause a denial of service (resource consumption) by sending traffic to these ports continuously, aka Bug ID CSCur88273.Show less
CVE-2015-4284 1Cisco 1Ios Xr May 6, 2026 Jul 22, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a denial of service (BGP process reload) via malformed BGPv4 packets, aka Bug ID CSCur70670.
CVE-2015-4223 1Cisco 1Ios Xr May 6, 2026 Jun 25, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted MPLS Label Distribution Protocol (LDP) packets, aka Bug ID CSCuu77478.
CVE-2015-4205 1Cisco 1Ios Xr May 6, 2026 Jun 23, 2015 N/A· v4 N/A· v3 5.7 MEDIUM· v2 Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID C...Show more Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959.Show less
CVE-2015-4195 1Cisco 1Ios Xr May 6, 2026 Jun 19, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, and SSH and TELNET outage) via a crafted disconnect action within an SSH session, aka Bug ID CSCul63127.
CVE-2015-4191 1Cisco 1Ios Xr May 6, 2026 Jun 19, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565.
CVE-2015-0776 1Cisco 1Ios Xr May 6, 2026 Jun 12, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566.
CVE-2015-0695 1Cisco 1Ios Xr May 6, 2026 Apr 17, 2015 N/A· v4 N/A· v3 7.8 HIGH· v2 Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial o...Show more Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attackers to cause a denial of service (chip and card hangs and reloads) by triggering use of a BVI interface for IPv4 packets, aka Bug ID CSCur62957.Show less
CVE-2015-0694 1Cisco 7Asr 9001 Asr 9006Asr 9010+4 more May 6, 2026 Apr 11, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an a...Show more Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.Show less
CVE-2015-0672 1Cisco 1Ios Xr May 6, 2026 Mar 26, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822.

Previous 1...678 9 10 Next