CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-6599
https://notcve.org/view.php?id=CVE-2017-6599
A vulnerability in Google-defined remote procedure call (gRPC) handling in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash due to a system memory leak, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco IOS XR Software with gRPC enabled. More Information: CSCvb14433. Known Affected Releases: 6.1.1.BASE 6.2.1.BASE. Known Fixed Releases: 6.2.1.22i.MGBL 6.1.22.9i.MGBL 6.1.21.12i.MGBL 6.1.2.13i.MGBL. • http://www.securityfocus.com/bid/97464 http://www.securitytracker.com/id/1038191 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170405-ios • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9205
https://notcve.org/view.php?id=CVE-2016-9205
A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition. More Information: CSCvb14425. Known Affected Releases: 6.1.1.BASE. Known Fixed Releases: 6.1.2.6i.MGBL 6.1.22.9i.MGBL 6.2.1.14i.MGBL. Una vulnerabilidad en la petición de código de manejo HTTP 2.0 de Cisco IOS XR Software podría permitir a un atacante remoto no autenticado provocar la caída del demonio Event Management Service (emsd), resultando en una condición de denegación de servicio (DoS). • http://www.securityfocus.com/bid/94813 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xr • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9215
https://notcve.org/view.php?id=CVE-2016-9215
A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. More Information: CSCva38434. Known Affected Releases: 6.1.1.BASE. Una vulnerabilidad en Cisco IOS XR Software podría permitir a un atacante local autenticado iniciar sesión en el dispositivo con los privilegios de root del usuario. Más Información: CSCva38434. • http://www.securityfocus.com/bid/94812 http://www.securitytracker.com/id/1037418 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-iosxr • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6428
https://notcve.org/view.php?id=CVE-2016-6428
Cisco IOS XR 6.1.1 allows local users to execute arbitrary OS commands as root by leveraging admin privileges, aka Bug ID CSCva38349. Cisco IOS XR 6.1.1 permite a usuarios locales ejecutar comandos de SO arbitrarios como root aprovechando privilegios de admin, vulnerabilidad también conocida como Bug ID CSCva38349. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-iosxr http://www.securityfocus.com/bid/93416 http://www.securitytracker.com/id/1036956 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6421
https://notcve.org/view.php?id=CVE-2016-6421
Cisco IOS XR 5.2.2 allows remote attackers to cause a denial of service (process restart) via a crafted OSPF Link State Advertisement (LSA) update, aka Bug ID CSCvb05643. Cisco IOS XR 5.2.2 permite a atacantes remotos provocar una denegación de servicio (reinicio del proceso) a través de una actualización OSPF Link State Advertisement (LSA) manipulada, vulnerabilidad también conocida como Bug ID CSCvb05643. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160928-ospf http://www.securityfocus.com/bid/93212 http://www.securitytracker.com/id/1036909 • CWE-399: Resource Management Errors •