Vulnerabilities > Cisco > IOS XR > 7.4.1

DATE CVE VULNERABILITY TITLE RISK
2021-09-09 CVE-2021-34728 OS Command Injection vulnerability in Cisco IOS XR
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device.
local
low complexity
cisco CWE-78
7.8
2021-09-09 CVE-2021-34737 NULL Pointer Dereference vulnerability in Cisco IOS XR
A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-476
7.5