Vulnerabilities > Cisco > IOS XR > 7.1.2

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-3569 Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XR
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash.
network
low complexity
cisco CWE-770
8.6
2020-09-04 CVE-2020-3473 Incorrect Authorization vulnerability in Cisco IOS XR
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device.
local
low complexity
cisco CWE-863
7.8