| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Cisco IOS XR
Cisco IOS XR: information disclosure via SSH Double Authentication
Synthesis of the vulnerability
An attacker can bypass access restrictions to data via SSH Double Authentication of Cisco IOS XR, in order to obtain sensitive information.
Impacted products: Cisco ASR, IOS XR Cisco.
Severity: 2/4.
Consequences: data reading.
Provenance: user account.
Creation date: 06/06/2019.
Identifiers: CERTFR-2019-AVI-248, cisco-sa-20190605-iosxr-ssh, CSCvo03672, CVE-2019-1842, VIGILANCE-VUL-29476.
Description of the vulnerability
An attacker can bypass access restrictions to data via SSH Double Authentication of Cisco IOS XR, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS XR: denial of service via MPLS OAM
Synthesis of the vulnerability
An attacker can trigger a fatal error via MPLS OAM of Cisco IOS XR, in order to trigger a denial of service.
Impacted products: Cisco ASR, IOS XR Cisco.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: LAN.
Creation date: 16/05/2019.
Identifiers: CERTFR-2019-AVI-228, cisco-sa-20190515-iosxr-mpls-dos, CVE-2019-1846, VIGILANCE-VUL-29343.
Description of the vulnerability
An attacker can trigger a fatal error via MPLS OAM of Cisco IOS XR, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS XR: denial of service via MPLS
Synthesis of the vulnerability
An attacker can trigger a fatal error via MPLS of Cisco IOS XR, in order to trigger a denial of service.
Impacted products: Cisco ASR, IOS XR Cisco, Cisco Router.
Severity: 2/4.
Consequences: data flow, denial of service on server, denial of service on service, denial of service on client.
Provenance: LAN.
Creation date: 16/05/2019.
Identifiers: CERTFR-2019-AVI-228, cisco-sa-20190515-iosxr-evpn-dos, CSCvk35997, CVE-2019-1849, VIGILANCE-VUL-29319.
Description of the vulnerability
An attacker can trigger a fatal error via MPLS of Cisco IOS XR, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS XR: denial of service via PIM
Synthesis of the vulnerability
An attacker can trigger a fatal error via PIM of Cisco IOS XR, in order to trigger a denial of service.
Impacted products: Cisco ASR, Cisco Catalyst, IOS XR Cisco, Cisco Router.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 18/04/2019.
Identifiers: cisco-sa-20190417-iosxr-pim-dos, CSCvg43676, CVE-2019-1712, VIGILANCE-VUL-29084.
Description of the vulnerability
An attacker can trigger a fatal error via PIM of Cisco IOS XR, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS XR: denial of service via BGP
Synthesis of the vulnerability
An attacker can generate a fatal error via BGP of Cisco IOS XR, in order to trigger a denial of service.
Impacted products: Cisco ASR, IOS XR Cisco, Cisco Router.
Severity: 3/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 04/10/2018.
Identifiers: CERTFR-2018-AVI-468, cisco-sa-20181003-iosxr-dos, CSCvj58445, CVE-2018-15428, VIGILANCE-VUL-27404.
Description of the vulnerability
An attacker can generate a fatal error via BGP of Cisco IOS XR, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS XR: denial of service via netconf
Synthesis of the vulnerability
An attacker can generate a fatal error via netconf of Cisco IOS XR, in order to trigger a denial of service.
Impacted products: IOS XR Cisco, Cisco Router.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: intranet client.
Creation date: 03/05/2018.
Identifiers: CERTFR-2018-AVI-211, cisco-sa-20180502-iosxr, CSCvg95792, CVE-2018-0286, VIGILANCE-VUL-26033.
Description of the vulnerability
An attacker can generate a fatal error via netconf of Cisco IOS XR, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS XR: denial of service via UDP Broadcast Forwarding
Synthesis of the vulnerability
An attacker can generate a fatal error via UDP Broadcast Forwarding of Cisco IOS XR, in order to trigger a denial of service.
Impacted products: IOS XR Cisco, Cisco Router.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: LAN.
Creation date: 19/04/2018.
Identifiers: CERTFR-2018-AVI-194, cisco-sa-20180418-iosxr, CSCvi35625, CVE-2018-0241, VIGILANCE-VUL-25924.
Description of the vulnerability
An attacker can generate a fatal error via UDP Broadcast Forwarding of Cisco IOS XR, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS / IOS XE / IOS XR: memory corruption via LLDP
Synthesis of the vulnerability
An attacker can generate a memory corruption via LLDP of Cisco IOS / IOS XE / IOS XR, in order to trigger a denial of service, and possibly to run code.
Impacted products: Cisco Catalyst, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, Cisco Router.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service.
Provenance: LAN.
Number of vulnerabilities in this bulletin: 2.
Creation date: 29/03/2018.
Identifiers: CERTFR-2018-AVI-156, cisco-sa-20180328-lldp, CSCuo17183, CSCvd73487, CSCvd73664, CVE-2018-0167, CVE-2018-0175, VIGILANCE-VUL-25697.
Description of the vulnerability
An attacker can generate a memory corruption via LLDP of Cisco IOS / IOS XE / IOS XR, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial) |
Cisco IOS XR: denial of service via routing table corruption
Synthesis of the vulnerability
An attacker can trigger a corruption of the routing table in Cisco IOS XR, in order to block traffic forwarding.
Impacted products: Cisco ASR, IOS XR Cisco, Cisco Router.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet server.
Creation date: 08/02/2018.
Identifiers: cisco-sa-20180207-iosxr, CVE-2018-0132, VIGILANCE-VUL-25250.
Description of the vulnerability
An attacker can trigger a corruption of the routing table in Cisco IOS XR, in order to block traffic forwarding.
Full Vigil@nce bulletin... (Free trial) |
Cisco ASR: denial of service via IPv6 segmentation
Synthesis of the vulnerability
An attacker can send segmented IPv6 packets to Cisco ASR, in order to trigger a denial of service.
Impacted products: Cisco ASR, IOS XR Cisco.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: internet client.
Creation date: 01/02/2018.
Identifiers: CERTFR-2018-AVI-064, cisco-sa-20180131-ipv6, CVE-2018-0136, VIGILANCE-VUL-25189.
Description of the vulnerability
An attacker can send segmented IPv6 packets to Cisco ASR, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about Cisco IOS XR:
|