Vulnerabilities
Vulnerable Software
Cisco:  >> Ios Xr  >> 3.5.4  Security Vulnerabilities
The SNMP module in Cisco IOS XR allows remote attackers to cause a denial of service (process reload) via a request for an unspecified MIB, aka Bug ID CSCuh43144.
CVSS Score
5.0
EPSS Score
0.005
Published
2013-11-29
The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via crafted packet streams, aka Bug ID CSCue91963.
CVSS Score
5.0
EPSS Score
0.009
Published
2013-09-27
The RIP process in Cisco IOS XR allows remote attackers to cause a denial of service (process crash) via a crafted version-2 RIP packet, aka Bug ID CSCue46731.
CVSS Score
5.0
EPSS Score
0.01
Published
2013-08-30
Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or process reload) by sending many port-162 UDP packets, aka Bug ID CSCug80345.
CVSS Score
5.0
EPSS Score
0.005
Published
2013-05-23
The SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (process restart) via crafted SNMP packets, aka Bug ID CSCue69472.
CVSS Score
4.0
EPSS Score
0.004
Published
2013-05-03
Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption and process restart) via crafted SNMP packets, aka Bug ID CSCue31546.
CVSS Score
4.0
EPSS Score
0.004
Published
2013-04-29
The traffic engineering (TE) processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service (process restart) via crafted TE packets, aka Bug ID CSCue04000.
CVSS Score
5.0
EPSS Score
0.005
Published
2013-03-26
Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.
CVSS Score
7.8
EPSS Score
0.004
Published
2012-05-31
CVE-2010-3035
Known exploited
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211.
CVSS Score
7.5
EPSS Score
0.058
Published
2010-08-30
Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574.
CVSS Score
7.8
EPSS Score
0.013
Published
2010-01-21


Contact Us

Shodan ® - All rights reserved