CVE-2013-1167

Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers ASR, when bridge domain interface BDI is enabled, allows remote attackers to cause a denial of service card reload via packets that are not properly handled during the processing of encapsulation, aka...

CVE-2013-2779

Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers ASR does not properly implement the Cisco Multicast Leaf Recycle Elimination MLRE feature, which allows remote attackers to cause a denial of service card reload via fragmented IPv6 MVPN...

Cisco IOS XR 安全漏洞

Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which stems from a security issue in GRand Unified Bootloader GRUB, which can be exploited by an attacker to view sensitive files on the console using the GRUB bootload...

Vulnerabilities fixed in Cisco StarOS Software

Cisco has fixed vulnerabilities in StarOS, the operating system of a series of Aggregation Services Routers ASR. Because the debug mode was misconfigured, a remote malicious party may be able to access sensitive information and may be able to execute arbitrary code under the root privileges of th...

CVE-2021-34696

The CVE-2021-34696 entry affects Cisco ASR 900 and ASR 920 Series Aggregation Services Routers. The vulnerability originates from incorrect hardware programming when ACLs are configured by methods other than the configuration CLI, allowing an unauthenticated, remote attacker to bypass a configure...

CVE-2021-34696 Cisco ASR 900 and ASR 920 Series Aggregation Services Routers Access Control List Bypass Vulnerability

A vulnerability in the access control list ACL programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a...

The vulnerability of Cisco IOS XE routers in the Cisco ASR 900 Series Aggregation Services Routers, related to the use of incorrect authentication schemes, allows attackers to enhance their privileges and execute arbitrary code.

The vulnerability of Cisco IOS XE routers in the Cisco ASR 900 Series Aggregation Services Routers is related to the use of incorrect authentication schemes. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

CVE-2020-3524

A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...

CVE-2020-3508 Cisco IOS XE Software for Cisco ASR 1000 Series 20-Gbps Embedded Services Processor IP ARP Denial of Service Vulnerability

A vulnerability in the IP Address Resolution Protocol ARP feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload,...

Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability

A vulnerability in the Enhanced Charging Service ECS functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of...

Input validation

A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...

CVE-2019-12709

CVE-2019-12709 describes a privilege-escalation vulnerability in Cisco IOS XR Software for Cisco ASR 9000 Series (VMAN CLI). An authenticated, local attacker can exploit insufficient validation of VMAN CLI arguments to execute arbitrary commands on the underlying Linux OS with root privileges, po...

CVE-2019-1710

A vulnerability in the sysadmin virtual machine VM on Cisco ASR 9000 Series Aggregation Services Routers running Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to access internal applications running on the sysadmin VM. The vulnerability is due to incorrect isolation...

Cisco ASR 9000 Series Aggregation Services Routers ACL Bypass Vulnerability

A vulnerability in the TCP flags inspection feature for access control lists ACLs on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...

Cisco StarOS File Overwrite Vulnerability

Cisco ASR 5000 Series Aggregation Services Routers is a 5000 Series security router appliance from Cisco USA. the Cisco StarOS operating system is a set of virtualized operating systems that run on them. A file overwrite vulnerability exists in the CLI of the Cisco StarOS operating system in the...

Input validation

A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper inpu...

CVE-2017-6795

Cisco IOS XE Software on Cisco ASR 920 Series Routers is affected by CVE-2017-6795 due to improper input validation in the USB-modem code (platform usb modem CLI command). A local, authenticated attacker could exploit this to overwrite arbitrary files on the device’s underlying operating system. ...

CVE-2017-6795

A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper inpu...

Cisco IOS XE Software for Cisco ASR 920 Series Routers Arbitrary File Overwrite Vulnerability

A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper inpu...

Cisco ASR 1000 Series Aggregation Services Routers IOS XE SNMP DoS Vulnerability

Cisco ASR 1000 Series Aggregation Services router with Cisco IOS XE Software is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...