Page 15 of 106 results (0.032 seconds)

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco IOS XR Software with gRPC enabled. More Information: CSCvb14433. Known Affected Releases: 6.1.1.BASE 6.2.1.BASE. Known Fixed Releases: 6.2.1.22i.MGBL 6.1.22.9i.MGBL 6.1.21.12i.MGBL 6.1.2.13i.MGBL. • http://www.securityfocus.com/bid/97464 http://www.securitytracker.com/id/1038191 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-ios • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. More Information: CSCva38434. Known Affected Releases: 6.1.1.BASE. Una vulnerabilidad en Cisco IOS XR Software podría permitir a un atacante local autenticado iniciar sesión en el dispositivo con los privilegios de root del usuario. Más Información: CSCva38434. • http://www.securityfocus.com/bid/94812 http://www.securitytracker.com/id/1037418 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-iosxr • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition. More Information: CSCvb14425. Known Affected Releases: 6.1.1.BASE. Known Fixed Releases: 6.1.2.6i.MGBL 6.1.22.9i.MGBL 6.2.1.14i.MGBL. Una vulnerabilidad en la petición de código de manejo HTTP 2.0 de Cisco IOS XR Software podría permitir a un atacante remoto no autenticado provocar la caída del demonio Event Management Service (emsd), resultando en una condición de denegación de servicio (DoS). • http://www.securityfocus.com/bid/94813 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xr • CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349. Cisco IOS XR 6.1.1 permite a usuarios locales ejecutar comandos de SO arbitrarios como root aprovechando privilegios de admin, vulnerabilidad también conocida como Bug ID CSCva38349. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-iosxr http://www.securityfocus.com/bid/93416 http://www.securitytracker.com/id/1036956 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643. Cisco IOS XR 5.2.2 permite a atacantes remotos provocar una denegación de servicio (reinicio del proceso) a través de una actualización OSPF Link State Advertisement (LSA) manipulada, vulnerabilidad también conocida como Bug ID CSCvb05643. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ospf http://www.securityfocus.com/bid/93212 http://www.securitytracker.com/id/1036909 • CWE-399: Resource Management Errors •