CVE-2022-20648

A vulnerability in a debug function for Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions that could result in the disclosure of confidential information that should be restricted. This vulnerability exists because of a debug service that...

CVE-2022-20649 Cisco Redundancy Configuration Manager Debug Remote Code Execution Vulnerability

A vulnerability in Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform remote code execution on the application with root-level privileges in the context of the configured container. This vulnerability exists because the debug mode is incorrectly enabled...

CVE-2022-20750 Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP Denial of Service Vulnerability

A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to...

CVE-2022-20750

CVE-2022-20750 describes a DoS vulnerability in the Cisco StarOS RCM checkpoint manager, triggered by malformed TCP data. The issue stems from improper input validation of ingress TCP packets, allowing an unauthenticated, remote attacker to cause the checkpoint manager process to restart and rend...

Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software

Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager RCM for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 CVSS scor...

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

Cisco Redundancy Configuration Manager for Cisco StarOS Software Multiple Vulnerabilities

Multiple vulnerabilities in Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow a unauthenticated, remote attacker to disclose sensitive information or execute arbitrary commands as the root user in the context of the configured container. For more information about...

PT-2022-2314 · Cisco · Cisco Rcm For Cisco Staros

Name of the Vulnerable Software and Affected Versions: Cisco RCM for Cisco StarOS Software affected versions not specified Description: A vulnerability in the debug function of Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions, potentiall...

PT-2022-2313 · Cisco · Cisco Rcm For Cisco Staros

Name of the Vulnerable Software and Affected Versions: Cisco RCM for Cisco StarOS Software affected versions not specified Description: The issue exists due to the incorrect enabling of debug mode for specific services, allowing an unauthenticated, remote attacker to perform remote code execution...

CVE-2021-1539

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

Cisco ASR 5000 Series Router Denial of Service Vulnerability

The Cisco Aggregation Services Router ASR 5000 Series Routers and Virtualized Packet Core VPC System Software are both products of Cisco, Inc. The Cisco Aggregation Services Router ASR 5000 Series Routers are a 5000 series of secure router appliances.The Virtualized Packet Core VPC System Softwar...