Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco ios xr 4.3.1 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv2
CVE-2014-3322
Cisco IOS XR 4.3(.2) and previous versions on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote malicious users to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.
Cisco Ios Xr
Cisco Ios Xr 4.3.0
Cisco Ios Xr 4.3.1
Cisco Asr 9000 Rsp440 Router -
Cisco Asr 9001 -
Cisco Asr 9006 -
Cisco Asr 9010 -
Cisco Asr 9904 -
Cisco Asr 9912 -
Cisco Asr 9922 -
4.6
CVSSv2
CVE-2014-3335
Cisco IOS XR 4.3(.2) and previous versions on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote malicious users to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID C...
Cisco Ios Xr
Cisco Ios Xr 4.3.0
Cisco Ios Xr 4.3.1
Cisco Asr 9000 Rsp440 Router -
Cisco Asr 9001 -
Cisco Asr 9006 -
Cisco Asr 9010 -
Cisco Asr 9904 -
Cisco Asr 9912 -
Cisco Asr 9922 -
7.8
CVSSv2
CVE-2013-5503
The UDP process in Cisco IOS XR 4.3.1 does not free packet memory upon detecting full packet queues, which allows remote malicious users to cause a denial of service (memory consumption) via UDP packets to listening ports, aka Bug ID CSCue69413.
Cisco Ios Xr 4.3.1
5
CVSSv2
CVE-2016-1409
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 up to and including 3.17S, IOS XR 2.0.0 up to and including 5.3.2, and NX-OS allows remote malicious users to cause a denial of service (packet-processing outage) via crafted ND messages, ak...
Cisco Ios 12.1(14)e7
Cisco Ios 12.3(3f)
Cisco Ios Xe 3.2.10sg
Cisco Ios 12.0(10)s6
Cisco Ios 12.1(3)db
Cisco Ios 12.0(16)sc3
Cisco Ios Xr 5.1.1.k9sec
Cisco Nx-os 5.2(1)n1(4)
Cisco Ios 12.4(11)xw6
Cisco Ios Xe 3.3.0sq
Cisco Ios 12.2(28)sb12
Cisco Ios 12.1(5)xm1
Cisco Ios 12.4(2)t2
Cisco Ios 12.2(2)xa2
Cisco Ios 15.4(2)s2
Cisco Ios 15.3(3)jnb3
Cisco Ios Xe 3.13.2s
Cisco Ios 12.0(21)sp4
Cisco Ios 12.2(18)ixa
Cisco Ios 12.1(1)xb
Cisco Ios 12.2(19c)
Cisco Nx-os 6.0(2)u5(1)
1 Article
7.1
CVSSv2
CVE-2014-2176
Cisco IOS XR 4.1.2 up to and including 5.1.1 on ASR 9000 devices, when a Trident-based line card is used, allows remote malicious users to cause a denial of service (NP chip and line card reload) via malformed IPv6 packets, aka Bug ID CSCun71928.
Cisco Ios Xr 4.1.2
Cisco Ios Xr 4.2.0
Cisco Ios Xr 4.3.1
Cisco Ios Xr 5.1.0
Cisco Ios Xr 5.1.1
Cisco Asr 9001 -
Cisco Asr 9006 -
Cisco Asr 9010 -
Cisco Asr 9904 -
Cisco Asr 9912 -
Cisco Asr 9922 -
2.1
CVSSv2
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.80
Ntp Ntp 4.3.51
Ntp Ntp 4.3.17
Ntp Ntp 4.3.30
Ntp Ntp 4.3.74
Ntp Ntp 4.3.67
Ntp Ntp 4.3.14
Ntp Ntp 4.3.27
Ntp Ntp 4.3.13
Ntp Ntp 4.3.36
Ntp Ntp 4.3.16
Ntp Ntp 4.3.35
Ntp Ntp 4.3.53
Ntp Ntp 4.3.64
Ntp Ntp 4.3.20
Ntp Ntp 4.3.40
Ntp Ntp 4.3.68
Ntp Ntp 4.3.46
Ntp Ntp 4.3.77
Ntp Ntp 4.3.1
Ntp Ntp 4.3.6
Ntp Ntp 4.3.2
4
CVSSv2
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.80
Ntp Ntp 4.3.51
Ntp Ntp 4.3.17
Ntp Ntp 4.3.30
Ntp Ntp 4.3.74
Ntp Ntp 4.3.67
Ntp Ntp 4.3.14
Ntp Ntp 4.3.27
Ntp Ntp 4.3.13
Ntp Ntp 4.3.36
Ntp Ntp 4.3.16
Ntp Ntp 4.3.35
Ntp Ntp 4.3.53
Ntp Ntp 4.3.64
Ntp Ntp 4.3.20
Ntp Ntp 4.3.40
Ntp Ntp 4.3.68
Ntp Ntp 4.3.46
Ntp Ntp 4.3.77
Ntp Ntp 4.3.1
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Agile Engineering Data Management 6.1.3
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.2
Oracle Jd Edwards World Security A9.3
Oracle Jd Edwards World Security A9.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2