EUVD-2020-24515

Malware in sbrugna...

The vulnerability of the Enhanced Charging Service, a microprogramming-based software service for Cisco ASR 5000 routers, allows attackers to circumvent traffic classification rules and potentially avoid paying for the usage of network traffic.

The vulnerability of the Enhanced Charging Service provided by Cisco ASR 5000 router microprogramming software exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to bypass traffic classification rules and potentially avoid paying for t...

CVE-2020-3244

A vulnerability in the Enhanced Charging Service ECS functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of...

Cisco ASR 5000 Input Validation Error Vulnerability

Cisco ASR 5000 is a 5000 series gateway product from Cisco. An input validation error vulnerability exists in the Enhanced Charging Service ECS feature in Cisco ASR 5000 Series Aggregation Services Routers versions prior to Release 21.18.0. A remote attacker could exploit this vulnerability by...

Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability

A vulnerability in the Enhanced Charging Service ECS functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of...