CVSS: 5.5EPSS: 0%CPEs: 32EXPL: 0CVE-2019-1842 – Cisco IOS XR Software Secure Shell Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2019-1842
05 Jun 2019 — A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could allow an authenticated, remote attacker to successfully log in to an affected device using two distinct usernames. The vulnerability is due to a logic error that may occur when certain sequences of actions are processed during an SSH login event on the affected device. An attacker could exploit this vulnerability by initiating an SSH session to the device with a specific sequence that presents the two usernames.... • http://www.securityfocus.com/bid/108687 • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0776
https://notcve.org/view.php?id=CVE-2015-0776
12 Jun 2015 — telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (device reload) via a malformed TELNET packet, aka Bug ID CSCuq31566. telnetd en Cisco IOS XR 5.0.1 en los dispositivos Network Convergence System 6000 permite a atacantes remotos causar una denegación de servicio (recarga de dispositivo) a través de un paquete TELNET malformado, también conocido como Bug ID CSCuq31566. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39293 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 57EXPL: 0CVE-2014-3379
https://notcve.org/view.php?id=CVE-2014-3379
20 Sep 2014 — Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (NPU and card hang or reload) via a malformed MPLS packet, aka Bug ID CSCuq10466. Cisco IOS XR 5.1 y anteriores en dispositivos Network Convergence System 6000 permite a usuarios remotos autenticados causar una denegación de servicio (NPU y caída de tarjeta o recarga) a través de un paquete MPLS malformado, también conocido como Bug ID CSCuq10466. • http://secunia.com/advisories/61372 • CWE-20: Improper Input Validation •