Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Cisco Subscribe
Filtered by product Asr 9000 Rsp440 Router
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-20919 1 Cisco 305 Asr-920-10sz-pd, Asr-920-12cz-a, Asr-920-12cz-d and 302 more 2022-10-27 N/A 7.5 HIGH
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
CVE-2012-1366 1 Cisco 10 Asr 1001, Asr 1002, Asr 1002-x and 7 more 2021-10-05 6.1 MEDIUM N/A
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.
CVE-2014-3335 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2017-08-28 4.6 MEDIUM N/A
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of packets with multicast destination MAC addresses, which allows remote attackers to cause a denial of service (chip and card hangs) via a crafted packet, aka Bug ID CSCup77750.
CVE-2014-3322 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2017-01-12 6.1 MEDIUM N/A
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via malformed (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCuo68417.
CVE-2014-3321 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2017-01-12 5.7 MEDIUM N/A
Cisco IOS XR 4.3.4 and earlier on ASR 9000 devices, when bridge-group virtual interface (BVI) routing is enabled, allows remote attackers to cause a denial of service (chip and card hangs) via a series of crafted MPLS packets, aka Bug ID CSCuo91149.
CVE-2014-3308 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2017-01-12 6.4 MEDIUM N/A
Cisco IOS XR on Trident line cards in ASR 9000 devices lacks a static punt policer, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted packets, aka Bug ID CSCun83985.
CVE-2014-3396 1 Cisco 8 Asr 9000 Rsp440 Router, Asr 9001, Asr 9006 and 5 more 2014-10-06 7.5 HIGH N/A
Cisco IOS XR on ASR 9000 devices does not properly use compression for port-range and address-range encoding, which allows remote attackers to bypass intended Typhoon line-card ACL restrictions via transit traffic, aka Bug ID CSCup30133.
CVE-2012-2488 1 Cisco 3 Asr 9000 Rsp440 Router, Crs Performance Route Processor, Ios Xr 2012-08-24 7.8 HIGH N/A
Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94537 and CSCtz62593.