Cisco Asr_9903
27 CVEs affecting Cisco Asr_9903. Latest disclosed: 2025-03-12. Critical: 1, High: 17.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12240 | Critical | 9.8 | 2017-09-29 | The DHCP relay subsystem of Cisco IOS 12.2 through 15.6 and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker… |
CVE-2020-3118 | High | 8.8 | 2020-02-05 | A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary… |
CVE-2025-20146 | High | 8.6 | 2025-03-12 | A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Perform… |
CVE-2025-20142 | High | 8.6 | 2025-03-12 | A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Ag… |
CVE-2023-20049 | High | 8.6 | 2023-03-09 | A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Service… |
CVE-2022-20919 | High | 8.6 | 2022-09-30 | A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could all… |
CVE-2022-20848 | High | 8.6 | 2022-09-30 | A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allo… |
CVE-2022-20714 | High | 8.6 | 2022-04-15 | A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated… |
CVE-2021-34720 | High | 8.6 | 2021-09-09 | A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could a… |
CVE-2020-26070 | High | 8.6 | 2020-11-12 | A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauth… |
CVE-2020-3569 | High | 8.6 | 2020-09-23 | Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote atta… |
CVE-2021-34718 | High | 8.1 | 2021-09-09 | A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the l… |
CVE-2023-20065 | High | 7.8 | 2023-03-23 | A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to r… |
CVE-2021-34728 | High | 7.8 | 2021-09-09 | Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges o… |
CVE-2021-34719 | High | 7.8 | 2021-09-09 | Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges o… |
CVE-2017-12231 | High | 7.5 | 2017-09-29 | A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote… |
CVE-2024-20327 | High | 7.4 | 2024-03-13 | A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allo… |
CVE-2021-34713 | High | 7.4 | 2021-09-09 | A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated… |
CVE-2023-20236 | Medium | 6.7 | 2023-09-13 | A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an a… |
CVE-2021-34722 | Medium | 6.7 | 2021-09-09 | Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an aff… |