CVSS: 8.6EPSS: 0%CPEs: 86EXPL: 0CVE-2019-15989 – Cisco IOS XR Software Border Gateway Protocol Attribute Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-15989
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200122-ios-xr-bgp-dos • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.2EPSS: 0%CPEs: 211EXPL: 0CVE-2019-1649 – Cisco Secure Boot Hardware Tampering Vulnerability
https://notcve.org/view.php?id=CVE-2019-1649
A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality. The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image. • http://www.securityfocus.com/bid/108350 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot https://www.kb.cert.org/vuls/id/400865 https://www.us-cert.gov/ics/advisories/icsa-20-072-03 • CWE-284: Improper Access Control CWE-667: Improper Locking •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-1710 – Cisco IOS XR 64-Bit Software for Cisco ASR 9000 Series Aggregation Services Routers Network Isolation Vulnerability
https://notcve.org/view.php?id=CVE-2019-1710
A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. The vulnerability is due to incorrect isolation of the secondary management interface from internal sysadmin applications. An attacker could exploit this vulnerability by connecting to one of the listening internal applications. A successful exploit could result in unstable conditions, including both a denial of service and remote unauthenticated access to the device. This vulnerability has been fixed in Cisco IOS XR 64-bit Software Release 6.5.3 and 7.0.1, which will edit the calvados_boostrap.cfg file and reload the device. • http://www.securityfocus.com/bid/108007 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-asr9k-exr • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2014-3396
https://notcve.org/view.php?id=CVE-2014-3396
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133. Cisco IOS XR en los dispositivos ASR 9000 no utiliza debidamente la compresión para la codificación de los rangos de puertos y los rangos de direcciones, lo que permite a atacantes remotos evadir las restricciones ACL de la tarjeta de línea Typhoon a través de trafico de transito, también conocido como Bug ID CSCup30133. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3396 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.6EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3335
https://notcve.org/view.php?id=CVE-2014-3335
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750. Cisco IOS XR 4.3(.2) y anteriores en los dispositivos ASR 9000 no realiza debidamente el muestreo NetFlow de paquetes con direcciones MAC de destinos multicast, lo que permite a atacantes remotos causar una denegación de servicio (cuelgues de chip y tarjeta) a través de un paquete manipulado, también conocido como Bug ID CSCup77750. • http://secunia.com/advisories/60222 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3335 http://tools.cisco.com/security/center/viewAlert.x?alertId=35416 http://www.securityfocus.com/bid/69383 http://www.securitytracker.com/id/1030757 https://exchange.xforce.ibmcloud.com/vulnerabilities/95443 • CWE-20: Improper Input Validation •