Lucene search
K

311 matches found

Positive Technologies
Positive Technologies
added 2023/04/19 12:0 a.m.6 views

PT-2023-2547 · Cisco · Cisco Staros

Name of the Vulnerable Software and Affected Versions: Cisco StarOS Software affected versions not specified Description: The issue arises from insufficient validation of user-supplied credentials in the key-based SSH authentication feature. This could allow a remote attacker to elevate privilege...

9CVSS8.7AI score0.00861EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.7 views

The vulnerability of the Cisco Redundancy Configuration Manager (RCM) operating system for StarOS allows a intruder to disclose protected information.

The vulnerability of the Cisco Redundancy Configuration Manager RCM operating system for StarOS is related to the lack of protection for mission-critical data. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

5.3CVSS5.8AI score0.00985EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/21 12:0 a.m.5 views

The vulnerability of the StarOS operating system arises from the improper activation of the debugging mode for certain services, allowing a perpetrator to execute arbitrary code.

The vulnerability of the StarOS operating system exists due to the incorrect activation of the debugging mode for certain services. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS6.2AI score0.11636EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/04/06 7:15 p.m.2 views

CVE-2022-20665

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

6.7CVSS7.2AI score
Exploits0References1
NVD
NVD
added 2022/04/06 7:15 p.m.18 views

CVE-2022-20665

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

7.2CVSS0.00297EPSS
Exploits0References1
Prion
Prion
added 2022/04/06 7:15 p.m.12 views

Input validation

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

7.2CVSS6.9AI score0.00297EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/04/06 6:13 p.m.10 views

CVE-2022-20665 Cisco StarOS Command Injection Vulnerability

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

6CVSS7.6AI score0.00297EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/06 6:13 p.m.24 views

CVE-2022-20665 Cisco StarOS Command Injection Vulnerability

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

6CVSS7AI score0.00297EPSS
Exploits0References1
CVE
CVE
added 2022/04/06 6:13 p.m.104 views

CVE-2022-20665

CVE-2022-20665 is a Cisco StarOS command-injection vulnerability in the CLI. It arises from insufficient input validation of CLI commands, enabling an authenticated, local attacker with administrative credentials to execute arbitrary code with root privileges on an affected device. Exploitation w...

7.2CVSS6.7AI score0.00297EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/03/28 12:0 a.m.4 views

The vulnerability of the command-line interface of StarOS systems allows attackers to execute arbitrary commands and increase their privileges.

The vulnerability of the command-line interface of StarOS systems is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

6.2CVSS7.4AI score0.00297EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/03/04 12:0 a.m.26 views

Cisco StarOS Command Injection (cisco-sa-staros-cmdinj-759mNT4n)

According to its self-reported version, the Cisco StarOS operating system is affected by a command injection vulnerability due to insufficient input validation of CLI commands. An authenticated, local attacker could exploit this by sending crafted commands to the CLI. A successful exploit could...

7.2CVSS7.5AI score0.00297EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/03/03 12:0 a.m.6 views

CVE-2022-20665

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

7.2CVSS7.2AI score0.00297EPSS
Exploits0References2
Cisco
Cisco
added 2022/03/02 4:0 p.m.37 views

Cisco StarOS Command Injection Vulnerability

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

6CVSS6.7AI score0.00297EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/03/02 12:0 a.m.4 views

Cisco StarOS 命令注入漏洞

Cisco StarOS is a virtualized operating system from Cisco. A command injection vulnerability exists in Cisco StarOS that can be exploited by an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An...

7.2CVSS7AI score0.00297EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2022/02/25 12:0 a.m.6 views

The vulnerability of the Cisco Redundancy Configuration Manager (RCM) operating system for StarOS allows a intruder to trigger a reboot of the vulnerable device.

The vulnerability of the Cisco Redundancy Configuration Manager RCM operating system for StarOS exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to trigger a restart of the vulnerable device...

5.3CVSS7.4AI score0.01124EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/02/18 12:0 a.m.21 views

Cisco RCM for Cisco StarOS Software拒绝服务漏洞

Cisco RCM for Cisco StarOS Software is a denial-of-service vulnerability that could be exploited to cause the checkpoint manager process to restart upon receipt of malformed TCP data...

7.5CVSS1.7AI score0.01124EPSS
Exploits0References1
OSV
OSV
added 2022/02/17 3:15 p.m.4 views

CVE-2022-20750

A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to...

7.5CVSS5.8AI score0.01124EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/02/17 3:0 p.m.16 views

CVE-2022-20750 Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP Denial of Service Vulnerability

A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to...

5.3CVSS7AI score0.01124EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/17 3:0 p.m.25 views

CVE-2022-20750 Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP Denial of Service Vulnerability

A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to...

5.3CVSS7.7AI score0.01124EPSS
Exploits0References1
CVE
CVE
added 2022/02/17 3:0 p.m.143 views

CVE-2022-20750

CVE-2022-20750 describes a DoS vulnerability in the Cisco StarOS RCM checkpoint manager, triggered by malformed TCP data. The issue stems from improper input validation of ingress TCP packets, allowing an unauthenticated, remote attacker to cause the checkpoint manager process to restart and rend...

7.5CVSS6.3AI score0.01124EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder