Vulnerabilities fixed in Cisco ASR 5000 series

Cisco has fixed vulnerabilities in StarOS as used by ASR 5000-series devices. The vulnerabilities allow an authenticated remote malicious party able to further authentication to bypass and execute restricted unauthenticated commands execute. To do this, the malicious party must send rogue SSH...

PT-2021-2260 · Cisco · Cisco Asr 5000 Series

Name of the Vulnerable Software and Affected Versions: Cisco ASR 5000 Series Software StarOS affected versions not specified Description: A vulnerability in the ipsecmgr process could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This issue is due to...

CVE-2018-0273

A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router ASR 5000 Series Routers and Virtualized Packet Core VPC System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being...

Cisco ASR 5000 Series Aggregation Services Routers StarOS OS CLI Command Injection Vulnerability

Cisco ASR 5000 Series Aggregation Services Routers is a 5000 series security router appliance from Cisco. the StarOS operating system is a set of virtualized operating systems that run on it. the CLI is a command-line interface. A command injection vulnerability exists in the CLI of the StarOS...

Cisco StarOS CLI Command Injection Vulnerability

The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution LTE technologies.Cisco StarOS is a set of router operating systems that control the entire system logic and can control processes and CLIs. A CLI command injection...

Cisco StarOS Command Injection Vulnerability

Cisco ASR 5000 Series routers are a 5000 Series security router appliance from Cisco USA. the Cisco StarOS operating system is a set of virtualized operating systems that run on it. A command injection vulnerability exists in the CLI of the Cisco StarOS operating system in Cisco ASR 5000 Series...

CVE-2017-6729

A vulnerability in the Border Gateway Protocol BGP processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core VPC Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reloa...

Cisco StarOS IPsec Denial of Service Vulnerability

The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to long-term evolution. and StarOS is the suite of Linux operating systems used in them. Cisco StarOS for Cisco ASR 5000 Series Routers has a security vulnerability in the IPsec component...

CVE-2016-6467

A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router ASR 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit NPU process. More Information: CSCva84552. Known Affected Releases...

CVE-2016-1335

The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previous...

Cisco ASR 5000 Device Denial of Service Vulnerability

Cisco ASR 5000 is the 5000 series of mobile multimedia service solutions from Cisco. The solution enables operators to deploy large, high-demand 3G networks, as well as support migration to 4G networks.CDMA is one of the Code Division Multiple Access CDMA mobile network implementations. A securit...

Cisco StarOS Session Management Service Denial of Service Vulnerability

The Cisco ASR 5000 Series is a carrier-grade platform for deploying high-demand 3G networks and migrating to Long Term Evolution LTE, with Cisco StarOS as the operating system on board. A security vulnerability in the session-manager service of Cisco StarOS on Cisco ASR 5000 devices could be...