The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171.
Max CVSS
5.0
EPSS Score
0.13%
Published
2015-09-20
Updated
2016-12-29
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806.
Max CVSS
5.0
EPSS Score
0.13%
Published
2015-04-11
Updated
2015-09-29
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.
Max CVSS
7.5
EPSS Score
0.40%
Published
2014-10-05
Updated
2014-10-06
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.
Max CVSS
4.6
EPSS Score
0.79%
Published
2014-08-26
Updated
2017-08-29
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.
Max CVSS
6.1
EPSS Score
0.61%
Published
2014-07-24
Updated
2017-01-12
Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.
Max CVSS
5.7
EPSS Score
0.24%
Published
2014-07-18
Updated
2017-01-12
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.
Max CVSS
6.4
EPSS Score
0.77%
Published
2014-07-07
Updated
2017-01-12
Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.
Max CVSS
7.1
EPSS Score
0.30%
Published
2014-06-14
Updated
2016-09-07
8 vulnerabilities found