Summary
Detail | |||
---|---|---|---|
Vendor | Cisco | First view | 2014-06-14 |
Product | Asr 9010 | Last view | 2015-09-20 |
Version | Type | Hardware | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:h:cisco:asr_9010:-:*:*:*:*:*:*:* | 8 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5 | 2015-09-20 | CVE-2015-6301 | The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers to cause a denial of service (process reset) via crafted packets, aka Bug ID CSCun72171. |
5 | 2015-04-10 | CVE-2015-0694 | Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restrictions by using an address that was not supposed to have been allowed, aka Bug ID CSCur28806. |
7.5 | 2014-10-04 | CVE-2014-3396 | Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133. |
4.6 | 2014-08-26 | CVE-2014-3335 | Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750. |
6.1 | 2014-07-24 | CVE-2014-3322 | Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417. |
5.7 | 2014-07-17 | CVE-2014-3321 | Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149. |
6.4 | 2014-07-07 | CVE-2014-3308 | Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985. |
7.1 | 2014-06-14 | CVE-2014-2176 | Cisco IOS XR 4.1.2 through 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote attackers to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (4) | CWE-20 | Improper Input Validation |
25% (2) | CWE-399 | Resource Management Errors |
12% (1) | CWE-284 | Access Control (Authorization) Issues |
12% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-09-17 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sn-CSCup77750-iosxr.nasl - Type: ACT_GATHER_INFO |
2014-08-18 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sn-CSCuo91149-iosxr.nasl - Type: ACT_GATHER_INFO |
2014-08-07 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sn-CSCun83985-iosxr.nasl - Type: ACT_GATHER_INFO |
2014-07-29 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sn-CVE-2014-3322-iosxr.nasl - Type: ACT_GATHER_INFO |
2014-06-30 | Name: The remote device is missing a vendor-supplied security patch. File: cisco-sa-20140611-ipv6-iosxr.nasl - Type: ACT_GATHER_INFO |