Cisco IOS XR vulnerabilities

CVE-2021-1389 [MEDIUM] CWE-284 CVE-2021-1389: A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for A vulnerability in the IPv6 traffic processing of Cisco IOS XR Software and Cisco NX-OS Software for certain Cisco devices could allow an unauthenticated, remote attacker to bypass an IPv6 access control list (ACL) that is configured for an interface of an affected device. The vulnerability is due to improper processing of IPv6 traffic that is sent th

CVE-2021-1136 [MEDIUM] CWE-347 CVE-2021-1136: Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when run Multiple vulnerabilities in Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on an affected device. For more information about these

CVE-2020-26070 [HIGH] CWE-404 CVE-2020-26070: A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 900 A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource allocation when an affected device processes network

CVE-2020-3284 [CRITICAL] CWE-284 CVE-2020-3284: A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64- A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. The PXE boot loader is part of the BIOS and runs over the management interface of hardware platforms that are runn

CVE-2019-16023 [HIGH] CWE-399 CVE-2019-16023: Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attac

CVE-2019-16019 [HIGH] CWE-399 CVE-2019-16019: Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attac

CVE-2020-3569 [HIGH] CWE-400 CVE-2020-3569: Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other p

CVE-2019-16021 [HIGH] CWE-399 CVE-2019-16021: Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attac

CVE-2020-3473 [HIGH] CWE-264 CVE-2020-3473: A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could a A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. The vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker could exploit this vulnerab

CVE-2020-3530 [HIGH] CWE-264 CVE-2020-3530: A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could a A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The vulnerability is due to incorrect mapping in the source code of t

CVE-2020-3566 [HIGH] CWE-400 CVE-2020-3566: A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR So A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnera

CVE-2020-3449 [MEDIUM] CWE-754 CVE-2020-3449: A vulnerability in the Border Gateway Protocol (BGP) additional paths feature of Cisco IOS XR Softwa A vulnerability in the Border Gateway Protocol (BGP) additional paths feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent authorized users from monitoring the BGP status and cause the BGP process to stop processing new updates, resulting in a denial of service (DOS) condition. The vulnerability is due to an inco

CVE-2020-3364 [MEDIUM] CWE-284 CVE-2020-3364: A vulnerability in the access control list (ACL) functionality of the standby route processor manage A vulnerability in the access control list (ACL) functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach the configured IP addresses on the standby route processor management Gigabit Ethernet Management interface. The vulnerability is due to a logic error that

CVE-2020-3190 [MEDIUM] CWE-400 CVE-2020-3190: A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticate A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An attacker could exploit this vulnerability by sending mali

CVE-2020-3118 [HIGH] CWE-134 CVE-2020-3118: A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit t

CVE-2020-3120 [MEDIUM] CWE-190 CVE-2020-3120: A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software proce

CVE-2019-16020 [HIGH] CWE-399 CVE-2019-16020: Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attac

CVE-2019-15989 [HIGH] CWE-754 CVE-2019-15989: A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IO A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this v

CVE-2019-16022 [HIGH] CWE-399 CVE-2019-16022: Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attac

CVE-2019-16027 [MEDIUM] CWE-20 CVE-2019-16027: A vulnerability in the implementation of the Intermediate System–to–Intermediate System A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS–IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (S