Vulnerabilities > Cisco > IOS XR > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-05-31 | CVE-2012-2488 | Improper Input Validation vulnerability in Cisco products Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593. | 7.8 |
| 2012-05-02 | CVE-2011-3295 | Improper Input Validation vulnerability in Cisco IOS XR The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow remote attackers to cause a denial of service (CPU consumption) via crafted network traffic, aka Bug ID CSCti59888. | 7.8 |
| 2011-07-28 | CVE-2011-2549 | Denial of Service vulnerability in Cisco ASR 9006 Router, ASR 9010 Router and IOS XR Unspecified vulnerability in Cisco IOS XR 4.1.x before 4.1.1 on Cisco Aggregation Services Routers (ASR) 9000 series devices allows remote attackers to cause a denial of service (line-card reload) via an IPv4 packet, aka Bug ID CSCtr26695. | 7.8 |
| 2011-05-31 | CVE-2011-1651 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR 3.9.x and 4.0.x before 4.0.3 and 4.1.x before 4.1.1, when an SPA interface processor is installed, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 packet, aka Bug ID CSCto45095. | 7.8 |
| 2011-05-31 | CVE-2011-0949 | Resource Management Errors vulnerability in Cisco IOS XR Cisco IOS XR 3.6.x, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 does not properly remove sshd_lock files from /tmp/, which allows remote attackers to cause a denial of service (disk consumption) by making many SSHv1 connections, aka Bug ID CSCtd64417. | 7.8 |
| 2011-05-31 | CVE-2011-0943 | Resource Management Errors vulnerability in Cisco IOS XR 3.8.3/3.8.4/3.9.1 Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 allows remote attackers to cause a denial of service (NetIO process restart or device reload) via a crafted IPv4 packet, aka Bug ID CSCth44147. | 7.8 |
| 2010-03-25 | CVE-2010-0576 | Denial of Service vulnerability in Cisco IOS Multiprotocol Label Switching (MPLS) Malformed Packet Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893. | 7.8 |
| 2010-01-21 | CVE-2010-0137 | Remote Denial of Service vulnerability in Cisco IOS XR SSH Protocol Implementation Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574. | 7.8 |
| 2009-03-27 | CVE-2009-0637 | Permissions, Privileges, and Access Controls vulnerability in Cisco IOS The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command. | 7.1 |
| 2008-05-22 | CVE-2008-1159 | Denial of Service vulnerability in Cisco IOS S, IOS T and IOS XR Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293. network cisco | 7.1 |