Vulnerabilities > Cisco > IOS XR > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-07 | CVE-2019-1918 | Incorrect Calculation vulnerability in Cisco Carrier Routing System and IOS XR A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS-IS area to cause a denial of service (DoS) condition. | 6.1 |
| 2019-07-06 | CVE-2019-1909 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. | 4.3 |
| 2019-05-16 | CVE-2019-1849 | Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XR A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 6.1 |
| 2019-05-16 | CVE-2019-1846 | Improper Input Validation vulnerability in Cisco IOS XR 5.3.3 A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. | 6.1 |
| 2019-05-13 | CVE-2019-1649 | Improper Locking vulnerability in Cisco products A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. | 6.7 |
| 2019-04-17 | CVE-2019-1712 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the PIM process to restart, resulting in a denial of service condition on an affected device. | 5.0 |
| 2019-04-17 | CVE-2019-1711 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 5.0 |
| 2019-04-17 | CVE-2019-1686 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. | 5.0 |
| 2018-10-05 | CVE-2018-15428 | Improper Input Validation vulnerability in Cisco IOS XR A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 4.3 |
| 2018-05-02 | CVE-2018-0286 | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS XR 6.3.1/6.3.2/6.5.1 A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. | 5.0 |