Vulnerabilities > Cisco > IOS XR > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-08 | CVE-2021-1485 | Argument Injection or Modification vulnerability in Cisco IOS XR A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating system (OS) of an affected device. | 7.8 |
| 2021-02-04 | CVE-2021-1370 | OS Command Injection vulnerability in Cisco IOS XR A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. | 7.8 |
| 2021-02-04 | CVE-2021-1313 | Memory Leak vulnerability in Cisco IOS XR Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2021-02-04 | CVE-2021-1288 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the ingress packet processing function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2021-02-04 | CVE-2021-1243 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the Local Packet Transport Services (LPTS) programming of the SNMP with the management plane protection feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to allow connections despite the management plane protection that is configured to deny access to the SNMP server of an affected device. | 7.5 |
| 2020-11-12 | CVE-2020-26070 | Improper Resource Shutdown or Release vulnerability in Cisco IOS XR A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2020-09-23 | CVE-2019-16019 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
| 2020-09-23 | CVE-2019-16023 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2020-09-23 | CVE-2019-16021 | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
| 2020-09-23 | CVE-2020-3569 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XR Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. | 8.6 |