cisco ios xr
193 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-20363
all versions
A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Thr
9.0
CRITICAL
CVE-2025-20154
all versions
A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software
8.6
HIGH
CVE-2025-20209
all versions
A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, r
7.5
HIGH
CVE-2025-20177
< 7.11.21
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR i
6.7
MEDIUM
CVE-2025-20146
all versions
A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers,
8.6
HIGH
CVE-2025-20145
all versions
A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauth
5.8
MEDIUM
CVE-2025-20144
all versions
A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthe
4.0
MEDIUM
CVE-2025-20143
< 7.9.1
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to
6.7
MEDIUM
CVE-2025-20142
all versions
A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software
8.6
HIGH
CVE-2025-20141
all versions
A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software
7.4
HIGH
CVE-2025-20138
< 24.2.21
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as
8.8
HIGH
CVE-2025-20115
all versions
A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an
8.6
HIGH
CVE-2025-20172
all versions
A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authe
7.7
HIGH
CVE-2021-1440
>= 4.3.0 and < 7.3.1
A vulnerability in the implementation of the Resource Public Key Infrastructure (RPKI) feature of Cisco IOS XR Software could
6.8
MEDIUM
CVE-2022-20849
all versions
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an un
6.1
MEDIUM
CVE-2022-20846
all versions
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated,
4.3
MEDIUM
CVE-2024-20489
all versions
A vulnerability in the storage method of the PON Controller configuration file could allow an authenticated, local attacker with l
8.4
HIGH
CVE-2024-20483
all versions
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker container on hardware that is supported b
7.2
HIGH
CVE-2024-20406
>= 6.8.1 and < 7.0.0
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR
7.4
HIGH
CVE-2024-20398
all versions
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system
8.8
HIGH
CVE-2024-20390
< 24.1.2
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cau
5.3
MEDIUM
CVE-2024-20381
all versions
A vulnerability in the JSON-RPC API feature in Cisco Crosswork Network Services Orchestrator (NSO) and ConfD that is used by the w
8.8
HIGH
CVE-2024-20343
all versions
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to read any file in the file syst
5.5
MEDIUM
CVE-2024-20317
all versions
A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System
7.4
HIGH
CVE-2024-20304
all versions
A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, r
8.6
HIGH
CVE-2024-20456
all versions
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to
6.7
MEDIUM
CVE-2024-20327
< 7.9.21
A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregatio
7.4
HIGH
CVE-2024-20322
all versions
A vulnerability in the access control list (ACL) processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Soft
5.8
MEDIUM
CVE-2024-20320
all versions
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence Sys
7.8
HIGH
CVE-2024-20319
all versions
A vulnerability in the UDP forwarding code of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to bypass co
4.3
MEDIUM
CVE-2023-44487
< 7.11.2
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams q
7.5
HIGH
CVE-2023-20236
< 7.10.1
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unve
6.7
MEDIUM
CVE-2023-20233
< 7.5.4
A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could allow an unauthenticated, remote
4.3
MEDIUM
CVE-2023-20191
< 7.7.21
A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software c
5.8
MEDIUM
CVE-2023-20190
< 7.3.5
A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticat
5.8
MEDIUM
CVE-2023-20135
>= 7.5.2 and < 7.6
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitra
5.7
MEDIUM
CVE-2023-20064
< 7.9.1
A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with phys
4.6
MEDIUM
CVE-2023-20049
< 7.5.3
A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 90
8.6
HIGH
CVE-2022-20821
all versions
A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Red
6.5
MEDIUM
CVE-2022-20758
< 6.8.2
A vulnerability in the implementation of the Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Softw
6.8
MEDIUM
CVE-2022-20714
all versions
A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers c
8.6
HIGH
CVE-2021-40120
all versions
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticat
6.5
MEDIUM
CVE-2021-34714
<= 8.4(3.115)
A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Softw
7.4
HIGH
CVE-2021-34771
< 7.3.2
A vulnerability in the Cisco IOS XR Software CLI could allow an authenticated, local attacker to view more information than their
5.5
MEDIUM
CVE-2021-34737
< 7.3.2
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote atta
5.8
MEDIUM
CVE-2021-34728
< 7.3.2
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged ac
7.8
HIGH
CVE-2021-34722
>= 7.1.1 and < 7.3.2
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the un
6.7
MEDIUM
CVE-2021-34721
< 7.3.2
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the un
6.7
MEDIUM
CVE-2021-34720
< 6.2.3
A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of
8.6
HIGH
CVE-2021-34719
< 7.3.2
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged ac
7.8
HIGH
CVE-2021-34718
< 7.3.2
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and
8.1
HIGH
CVE-2021-34713
>= 6.4 and < 6.6.3
A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers co
7.4
HIGH
CVE-2021-34709
< 7.3.2
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when runn
6.0
MEDIUM
CVE-2021-34708
< 7.3.2
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when runn
6.0
MEDIUM
CVE-2021-1485
< 7.3.1
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that
6.6
MEDIUM
CVE-2021-1389
< 6.6.3
A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could a
5.8
MEDIUM
CVE-2021-1370
< 7.0.12
A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Ser
7.8
HIGH
CVE-2021-1313
>= 5.0.0 and < 5.2.6
Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote
8.6
HIGH
CVE-2021-1288
>= 5.0.0 and < 5.2.6
Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote
8.6
HIGH
CVE-2021-1268
< 6.7.3
A vulnerability in the IPv6 protocol handling of the management interfaces of Cisco IOS XR Software could allow an unauthenticated
7.4
HIGH
CVE-2021-1244
< 7.0.12
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L soft
6.7
MEDIUM
CVE-2021-1243
> 6.1.1 and < 6.6.4
A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature
5.3
MEDIUM
CVE-2021-1136
< 7.0.12
Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L soft
6.7
MEDIUM
CVE-2021-1128
< 7.1.2
A vulnerability in the CLI parser of Cisco IOS XR Software could allow an authenticated, local attacker to view more information t
5.5
MEDIUM
CVE-2020-26070
< 6.7.2
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services
8.6
HIGH
CVE-2020-3284
< 6.5.2
A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an un
9.8
CRITICAL
CVE-2020-3569
< 6.5.2
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an
8.6
HIGH
CVE-2019-16023
all versions
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR
7.5
HIGH
CVE-2019-16021
all versions
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR
7.5
HIGH
CVE-2019-16019
all versions
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR
8.6
HIGH
CVE-2020-3530
< 7.1.2
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local a
8.4
HIGH
CVE-2020-3473
>= 5.0.0 and < 7.0.12
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local C
7.8
HIGH
CVE-2020-3566
all versions
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthen
8.6
HIGH
CVE-2020-3449
< 7.1.2
A vulnerability in the Border Gateway Protocol (BGP) additional paths feature of Cisco IOS XR Software could allow an unauthentica
4.3
MEDIUM
CVE-2020-3364
all versions
A vulnerability in the access control list (ACL) functionality of the standby route processor management interface of Cisco IOS XR
5.3
MEDIUM
CVE-2020-3217
all versions
A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software,
8.8
HIGH
CVE-2020-3190
< 6.4.3
A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a d
5.8
MEDIUM
CVE-2020-3120
all versions
A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Sof
6.5
MEDIUM
CVE-2020-3118
>= 6.6.0 and < 6.6.12
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent
8.8
HIGH
CVE-2019-16027
all versions
A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol
6.5
MEDIUM
CVE-2019-16022
all versions
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR
8.6
HIGH
CVE-2019-16020
all versions
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR
8.6
HIGH
CVE-2019-16018
all versions
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software
6.5
MEDIUM
CVE-2019-15989
all versions
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an u
8.6
HIGH
CVE-2019-15998
all versions
A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections
5.3
MEDIUM
CVE-2019-12709
>= 5.1.0 and < 6.5.3
A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series A
6.7
MEDIUM
CVE-2019-1918
>= 6.5.2 and < 6.6.3
A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS–IS) routing protocol fun
7.4
HIGH
CVE-2019-1910
< 6.6.3
A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol
7.4
HIGH
CVE-2019-1909
>= 4.3.1 and < 6.6.2
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unaut
6.8
MEDIUM
CVE-2019-1849
>= 6.1.0 and < 6.3.3
A vulnerability in the Border Gateway Protocol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation o
7.4
HIGH
CVE-2019-1846
all versions
A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Ci
7.4
HIGH
CVE-2019-1649
all versions
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot impl
6.7
MEDIUM
CVE-2019-1712
< 6.2.3
A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XR Software could allow an unauthenticated, remot
5.8
MEDIUM
CVE-2019-1711
>= 6.1.0 and < 6.5.1
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow an unauthenticated, remote atta
5.3
MEDIUM
CVE-2019-1710
< 6.5.3
A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64
9.8
CRITICAL
CVE-2019-1686
>= 5.1.1 and < 6.5.2
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services
8.6
HIGH
CVE-2019-1681
< 6.5.2
A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remot
7.5
HIGH
CVE-2018-15428
all versions
A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unaut
6.8
MEDIUM
CVE-2018-0418
<= 6.3.3_base
A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Sof
8.6
HIGH
CVE-2018-0286
all versions
A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denia
5.3
MEDIUM
CVE-2018-0241
all versions
A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacke
7.4
HIGH
CVE-2018-0175
all versions
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, an
8.0
HIGH
CVE-2018-0167
>= 4.1 and < 5.1.3
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE
8.8
HIGH
CVE-2018-0136
all versions
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000
8.6
HIGH
CVE-2017-12355
all versions
A vulnerability in the Local Packet Transport Services (LPTS) ingress frame-processing functionality of Cisco IOS XR Software coul
5.3
MEDIUM
CVE-2017-12270
all versions
A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could all
7.5
HIGH
CVE-2017-6731
all versions
A vulnerability in Multicast Source Discovery Protocol (MSDP) ingress packet processing for Cisco IOS XR Software could allow an u
7.5
HIGH
CVE-2017-6728
all versions
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary code at the
7.0
HIGH
CVE-2017-6719
all versions
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on
6.7
MEDIUM
CVE-2017-6718
all versions
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root
6.7
MEDIUM
CVE-2017-6666
all versions
A vulnerability in the forwarding component of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Router
6.0
MEDIUM
CVE-2017-3876
all versions
A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR routers could allow an unauthenticated, remote attac
7.5
HIGH
CVE-2017-6599
all versions
A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, r
5.3
MEDIUM
CVE-2016-9215
all versions
A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges
7.8
HIGH
CVE-2016-9205
all versions
A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to
7.5
HIGH
CVE-2016-6428
all versions
Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva383
7.8
HIGH
CVE-2016-6421
all versions
Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisem
5.3
MEDIUM
CVE-2016-6415
>= 4.3.0 and <= 4.3.4
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x
7.5
HIGH
CVE-2016-1433
all versions
Cisco IOS XR 6.0 and 6.0.1 on NCS 6000 devices allows remote attackers to cause a denial of service (OSPFv3 process reload) via cr
5.3
MEDIUM
CVE-2016-6355
all versions
Memory leak in Cisco IOS XR 5.1.x through 5.1.3, 5.2.x through 5.2.5, and 5.3.x through 5.3.2 on ASR 9001 devices allows remote at
7.5
HIGH
CVE-2016-1456
all versions
The CLI in Cisco IOS XR 6.x through 6.0.1 allows local users to execute arbitrary OS commands in a privileged context by leveragin
7.8
HIGH
CVE-2016-1426
all versions
Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service (timer consumption and Rou
7.5
HIGH
CVE-2016-1409
all versions
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.
7.5
HIGH
CVE-2016-1407
all versions
Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services (LPTS) flow-base entries, which allows remote attackers to c
7.5
HIGH
CVE-2016-1376
all versions
Cisco IOS XR 4.2.3, 4.3.0, 4.3.4, and 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (CRC and symb
5.3
MEDIUM
CVE-2016-1366
all versions
The SCP and SFTP modules in Cisco IOS XR 5.0.0 through 5.2.5 on Network Convergence System 6000 devices use weak permissions for s
6.5
MEDIUM
CVE-2016-1361
all versions
Cisco IOS XR through 4.3.2 on Gigabit Switch Router (GSR) 12000 devices does not properly check for a Bidirectional Forwarding Det
5.3
MEDIUM
CVE-2015-6432
all versions
Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Compu
7.5
HIGH
CVE-2015-6301
all versions
The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (
CVE-2015-6297
all versions
The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (
CVE-2015-4285
all versions
The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5.2.2 on ASR9k devices makes in
CVE-2015-4284
all versions
The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows remote attackers to cause a de
CVE-2015-4223
all versions
Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted MPLS Label Distribution Proto
CVE-2015-4205
all versions
Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chip reset or line-card reload) b
CVE-2015-4195
all versions
Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, and SSH and TELNET outage) via
CVE-2015-4191
all versions
Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka
CVE-2015-0776
all versions
telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (dev
CVE-2015-0695
all versions
Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridg
CVE-2015-0694
all versions
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which all
CVE-2015-0672
all versions
The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage)
CVE-2015-0661
all versions
The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via
CVE-2015-0657
all versions
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CS
CVE-2015-0618
all versions
Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS
CVE-2014-8014
all versions
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CS
CVE-2014-8005
<= 5.1.0
Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote att
CVE-2014-8004
all versions
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, ak
CVE-2014-3396
all versions
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote
CVE-2014-3379
all versions
Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU
CVE-2014-3378
all versions
tacacsd in Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed TACA
CVE-2014-3377
all versions
snmpd in Cisco IOS XR 5.1 and earlier allows remote authenticated users to cause a denial of service (process reload) via a malfor
CVE-2014-3376
all versions
Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, ak
CVE-2014-3342
all versions
The CLI in Cisco IOS XR allows remote authenticated users to obtain sensitive information via unspecified commands, aka Bug IDs CS
CVE-2014-3343
all versions
Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (DHCPv6 daemon crash) via a malformed DHCPv6 packet, aka Bug
CVE-2014-3353
<= 4.3.2
Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of serv
CVE-2014-3335
<= 4.3.2
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destinat
CVE-2014-3322
<= 4.3.2
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote
CVE-2014-3321
<= 4.3.4
Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote at
CVE-2014-3308
all versions
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denia
CVE-2014-2176
all versions
Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a d
CVE-2014-3271
all versions
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (device crash) via a malformed pack
CVE-2014-3270
all versions
The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed pack
CVE-2014-2144
all versions
Cisco IOS XR does not properly throttle ICMPv6 redirect packets, which allows remote attackers to cause a denial of service (IPv4
CVE-2013-6700
all versions
The SNMP module in Cisco IOS XR allows remote attackers to cause a denial of service (process reload) via a request for an unspeci
CVE-2013-5565
all versions
The OSPFv3 functionality in Cisco IOS XR 5.1 allows remote attackers to cause a denial of service (process crash) via a malformed
CVE-2013-5549
all versions
Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processo
CVE-2013-5503
all versions
The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon detecting full packet queues, which allows remote attackers
CVE-2013-5498
all versions
The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR al
CVE-2013-3470
all versions
The RIP process in Cisco IOS XR allows remote attackers to cause a denial of service (process crash) via a crafted version-2 RIP p
CVE-2013-3464
all versions
Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling,
CVE-2013-1204
all versions
Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or proces
CVE-2013-1234
all versions
The SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (process restart) via crafted SNMP
CVE-2013-1216
all versions
Memory leak in the SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (memory consumption
CVE-2013-1162
all versions
The traffic engineering (TE) processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service (process re
CVE-2012-4617
all versions
The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to c
CVE-2012-2488
<= 4.2.0
Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (
CVE-2011-3295
all versions
The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow
CVE-2011-2549
all versions
Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco Aggregation Services Routers (ASR) 9000 series devices allow
CVE-2011-1651
all versions
Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote atta
CVE-2011-0949
all versions
Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows r
CVE-2011-0943
all versions
Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload)
CVE-2010-3035
>= 3.4.0 and <= 3.9.1
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows r
7.5
HIGH
CVE-2010-0576
all versions
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3,
CVE-2010-0137
all versions
Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote at
CVE-2009-2056
<= 3.8.1
Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involvin
CVE-2009-1154
<= 3.8.1
Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message,
CVE-2009-2055
all versions
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message wit
5.9
MEDIUM
CVE-2009-0637
all versions
The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration
CVE-2009-0629
all versions
The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Cl
CVE-2008-1159
all versions
Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (devi
CVE-2007-4430
all versions
Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device r
CVE-2006-1928
all versions
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attacker
CVE-2006-1927
all versions
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers,
CVE-2005-2451
all versions
Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin