Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ios_xr
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 171 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-02-04 | CVE-2021-1370 | A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. To exploit this vulnerability, an attacker would need to have a valid account on an affected device. The vulnerability is due to insufficient validation of command line arguments. An attacker could exploit this vulnerability by... | Ios_xr | 7.8 | ||
| 2020-11-06 | CVE-2020-3284 | A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are running Cisco IOS XR Software only. The vulnerability exists because internal commands that are issued when the PXE network boot process is loading a... | A99\-Rp2\-Se_firmware, A99\-Rp2\-Tr_firmware, A99\-Rp3\-Se_firmware, A99\-Rp3\-Tr_firmware, A99\-Rsp\-Se_firmware, A99\-Rsp\-Tr_firmware, A9k\-Rsp5\-Se_firmware, A9k\-Rsp5\-Tr_firmware, A9k\-Rsp880\-Lt\-Se_firmware, A9k\-Rsp880\-Lt\-Tr_firmware, A9k\-Rsp880\-Se_firmware, A9k\-Rsp880\-Tr_firmware, Asr\-9901\-Rp_firmware, Ios_xr, N540\-12z20g\-Sys\-A\/d_firmware, N540\-24z8q2c\-M_firmware, N540\-28z4c\-Sys\-A\/d_firmware, N540\-Acc\-Sys_firmware, N540x\-12z16g\-Sys\-A\/d_firmware, N540x\-16z4g8q2c\-A\/d_firmware, N560\-4\-Sys_firmware, N560\-7\-Sys_firmware, Nc55\-Rp\-E_firmware, Nc55\-Rp_firmware, Ncs1001_firmware, Ncs1002_firmware, Ncs1004_firmware, Ncs5001_firmware, Ncs5002_firmware, Ncs5011_firmware, Ncs55\-A1\-48q6h_firmware, Ncs\-5501\-Se_firmware, Ncs\-5501_firmware, Ncs\-5502\-Se_firmware, Ncs\-5502_firmware, Ncs\-55a1\-24h_firmware, Ncs\-55a1\-24q6h\-S_firmware, Ncs\-55a1\-36h\-S_firmware, Ncs\-55a1\-36h\-Se\-S_firmware, Ncs\-55a2\-Mod\-Hd\-S_firmware, Ncs\-55a2\-Mod\-Hx\-S_firmware, Ncs\-55a2\-Mod\-S_firmware, Ncs\-55a2\-Mod\-Se\-H\-S_firmware, Ncs\-55a2\-Mod\-Se\-S_firmware | 9.8 | ||
| 2019-08-07 | CVE-2019-1918 | A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS-IS area to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of IS–IS link-state protocol data units (PDUs). An attacker could exploit this vulnerability by sending specific link-state PDUs to an affected system to be... | Carrier_routing_system, Ios_xr | 7.4 | ||
| 2019-04-17 | CVE-2019-1686 | A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affected device when Cisco Express Forwarding load balancing using the 3-tuple hash algorithm is enabled. An attacker could exploit this... | Ios_xr | 8.6 | ||
| 2019-11-26 | CVE-2019-15998 | A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attacker could exploit this vulnerability by connecting to an affected device using NETCONF over SSH. A successful exploit could allow the attacker to... | Ios_xr | 5.3 | ||
| 2018-05-02 | CVE-2018-0286 | A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is due to improper handling of malformed requests processed by the netconf process. An attacker could exploit this vulnerability by sending malicious requests to the affected software. An exploit could allow the attacker to cause the targeted process to restart, resulting in a DoS condition on the... | Ios_xr | N/A | ||
| 2020-09-04 | CVE-2020-3473 | A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. The vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker could exploit this vulnerability by first authenticating to the local CLI shell on the device and using the CLI command to bypass the task group–based checks. A... | Ios_xr | N/A | ||
| 2018-01-31 | CVE-2018-0136 | A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue... | Ios_xr | N/A | ||
| 2018-08-15 | CVE-2018-0418 | A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol (PTP) ingress traffic to an affected device. An attacker could exploit this vulnerability by injecting malformed traffic into an affected... | Ios_xr | N/A | ||
| 2020-06-18 | CVE-2020-3364 | A vulnerability in the access control list (ACL) functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management interface. The vulnerability is due to a logic error that was introduced in the Cisco IOS XR Software, which prevents the ACL from working when applied against the standby route processor management... | Ios_xr | N/A |