COOEY // HUBcompliance · community · intelligence

FAIL › dossier

IOS XR product

6
failure events
0
zero-days
0
RCEs
6
on KEV
0
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 6 events

DateEventSevFlagsShameSummary
2022-05-23 CVE-2022-20821 high ⌖KEV 50 Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.
2022-03-25 CVE-2010-3035 high ⌖KEV 50 Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
2022-03-25 CVE-2009-2055 high ⌖KEV 50 Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
2021-11-03 CVE-2020-3118 high ⌖KEV 50 Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device.
2021-11-03 CVE-2020-3566 high ⌖KEV 50 Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventu
2021-11-03 CVE-2020-3569 high ⌖KEV 50 Cisco IOS XR Distance Vector Multicast Routing Protocol (DVMRP) incorrectly handles Internet Group Management Protocol (IGMP) packets. Exploitation could allow an unauthenticated, remote attacker to immediately crash the IGMP process or make it consume available memory and eventu