Vulnerabilities > Cisco > IOS XR > 4.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-09-20 | CVE-2014-3376 | Improper Input Validation vulnerability in Cisco IOS XR Cisco IOS XR 5.1 and earlier allows remote attackers to cause a denial of service (process reload) via a malformed RSVP packet, aka Bug ID CSCuq12031. | 5.0 |
| 2014-09-04 | CVE-2014-3353 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR 4.3(.2) and earlier, as used in Cisco Carrier Routing System (CRS), allows remote attackers to cause a denial of service (CPU consumption and IPv6 packet drops) via a malformed IPv6 packet, aka Bug ID CSCuo95165. | 7.1 |
| 2014-08-26 | CVE-2014-3335 | Improper Input Validation vulnerability in Cisco products Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750. | 4.6 |
| 2014-07-24 | CVE-2014-3322 | Improper Input Validation vulnerability in Cisco products Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417. | 6.1 |
| 2014-07-18 | CVE-2014-3321 | Improper Input Validation vulnerability in Cisco products Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149. | 5.7 |
| 2013-10-25 | CVE-2013-5549 | Unspecified vulnerability in Cisco IOS XR Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote attackers to cause a denial of service (transmission outage) via (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCuh30380. network cisco | 7.1 |
| 2013-08-13 | CVE-2013-3464 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XR Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corruption, improper mutex handling, and device reload) by starting an outbound flood of large ICMP Echo Request packets and stopping this with a CTRL-C sequence, aka Bug ID CSCui60347. | 4.6 |
| 2012-05-31 | CVE-2012-2488 | Improper Input Validation vulnerability in Cisco products Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593. | 7.8 |
| 2012-05-02 | CVE-2011-3295 | Improper Input Validation vulnerability in Cisco IOS XR The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow remote attackers to cause a denial of service (CPU consumption) via crafted network traffic, aka Bug ID CSCti59888. | 7.8 |
| 2011-05-31 | CVE-2011-1651 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. | 7.8 |