Cisco IOS XR vulnerabilities

CVE-2019-16018 [MEDIUM] CWE-399 CVE-2019-16018: A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functiona A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker cou

CVE-2019-15998 [MEDIUM] CWE-284 CVE-2019-15998: A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR S A vulnerability in the access-control logic of the NETCONF over Secure Shell (SSH) of Cisco IOS XR Software may allow connections despite an access control list (ACL) that is configured to deny access to the NETCONF over SSH of an affected device. The vulnerability is due to a missing check in the NETCONF over SSH access control list (ACL). An attac

CVE-2019-12709 [MEDIUM] CWE-78 CVE-2019-12709: A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Softwa A vulnerability in a CLI command related to the virtualization manager (VMAN) in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The vulnerability is due to insufficient validation of a

CVE-2019-1918 [HIGH] CWE-20 CVE-2019-1918: A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS& A vulnerability in the implementation of Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS-IS area to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of IS–IS link-state protocol data units (PD

CVE-2019-1910 [HIGH] CWE-20 CVE-2019-1910: A vulnerability in the implementation of the Intermediate System–to–Intermediate System A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software could allow an unauthenticated attacker who is in the same IS–IS area to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of crafted IS–IS link-state protocol dat

CVE-2019-1909 [MEDIUM] CWE-20 CVE-2019-1909: A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by

CVE-2019-1846 [HIGH] CWE-20 CVE-2019-1846: A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintena A vulnerability in the Multiprotocol Label Switching (MPLS) Operations, Administration, and Maintenance (OAM) implementation of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to the

CVE-2019-1849 [MEDIUM] CWE-754 CVE-2019-1849: A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethern A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label Switching (MPLS)-based Ethernet VPN (EVPN) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition on an affected device. The vulnerability is due to a logic error that occurs when the affected softwar

CVE-2019-1649 [MEDIUM] CWE-284 CVE-2019-1649: A vulnerability in the logic that handles access control to one of the hardware components in Cisco' A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vuln

CVE-2019-1710 [CRITICAL] CWE-20 CVE-2019-1710: A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services R A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. The vulnerability is due to incorrect isolation of the secondary management interface from internal

CVE-2019-1711 [HIGH] CWE-20 CVE-2019-1711: A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow a A vulnerability in the Event Management Service daemon (emsd) of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of gRPC requests. An attacker could exploit this vulnerability by repeatedly sending unauthenticated gRPC r

CVE-2019-1686 [HIGH] CWE-284 CVE-2019-1686: A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 900 A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect processing of the ACL applied to an interface of an affecte

CVE-2019-1712 [HIGH] CWE-20 CVE-2019-1712: A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XR Software could a A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the PIM process to restart, resulting in a denial of service condition on an affected device. The vulnerability is due to the incorrect processing of crafted AutoRP packets. An attacker could exploit this v

CVE-2019-1681 [HIGH] CWE-200 CVE-2019-1681: A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could a A vulnerability in the TFTP service of Cisco Network Convergence System 1000 Series software could allow an unauthenticated, remote attacker to retrieve arbitrary files from the targeted device, possibly resulting in information disclosure. The vulnerability is due to improper validation of user-supplied input within TFTP requests processed by the affec

CVE-2018-15428 [MEDIUM] CWE-20 CVE-2018-15428: A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP update messages. An attacker could exploit this vulnerability by sending BGP update

CVE-2018-0418 [HIGH] CWE-400 CVE-2018-0418: A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series A A vulnerability in the Local Packet Transport Services (LPTS) feature set of Cisco ASR 9000 Series Aggregation Services Router Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a lack of input and validation checking on certain Precision Time Protocol

CVE-2018-0286 [MEDIUM] CWE-399 CVE-2018-0286: A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, re A vulnerability in the netconf interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on affected system. The vulnerability is due to improper handling of malformed requests processed by the netconf process. An attacker could exploit this vulnerability by sending malicious reques

CVE-2018-0241 [HIGH] CWE-399 CVE-2018-0241: A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an una A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to improper handling of UDP broadcast packets that are forwarded to an IPv4 helper address. An attacker could exploit this vulner

CVE-2018-0175 [HIGH] CWE-119 CVE-2018-0175: Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Softw Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCvd73664.

CVE-2018-0167 [HIGH] CWE-119 CVE-2018-0167: Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Ci Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCu