Lucene search
K

311 matches found

ATTACKERKB
ATTACKERKB
added 2022/02/16 4:0 p.m.4 views

CVE-2022-20750

A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to...

7.5CVSS7.3AI score0.01142EPSS
Exploits0References2
Cisco
Cisco
added 2022/02/16 4:0 p.m.21 views

Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP Denial of Service Vulnerability

A vulnerability in the checkpoint manager implementation of Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to cause the checkpoint manager process to restart upon receipt of malformed TCP data. This vulnerability is due to...

5.3CVSS6.3AI score0.01142EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/16 12:0 a.m.4 views

Cisco StarOS 输入验证错误漏洞

Cisco RCM for Cisco StarOS Software is a denial-of-service vulnerability that could be exploited to cause the checkpoint manager process to restart upon receipt of malformed TCP data...

7.5CVSS5.5AI score0.01142EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/01/25 12:0 a.m.4 views

Cisco StarOS 信息泄露漏洞

Cisco StarOS is a virtualized operating system from Cisco. Cisco StarOS suffers from an information disclosure vulnerability that arises from the debugging service incorrectly listening to and accepting incoming connections. A remote attacker could exploit this vulnerability to gain access to...

5.3CVSS5.8AI score0.00985EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/01/25 12:0 a.m.6 views

Cisco StarOS 安全漏洞

Cisco StarOS is a virtualized operating system from Cisco. A security vulnerability exists in Cisco StarOS that stems from certain services not having debug mode properly enabled. A remote attacker could use this vulnerability to connect to a device, navigate to a debug mode enabled service, and...

8.1CVSS6.4AI score0.11636EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2022/01/21 6:20 a.m.59 views

Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software

Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager RCM for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 CVSS scor...

2.5AI score0.11636EPSS
Exploits0
ThreatPost
ThreatPost
added 2022/01/20 7:35 p.m.99 views

Critical Cisco StarOS Bug Grants Root Access via Debug Mode

Cisco released a security update warning about a handful of vulnerabilities lurking in its networking technology, led by a critical bug in the company’s StarOS debug services. Cisco pushed out a fix for its Cisco StarOS Software on Wednesday. Jan. 19. In its advisory, the company said that the fl...

8.8CVSS8.8AI score0.11636EPSS
Exploits0References12
hivepro
hivepro
added 2022/01/20 11:3 a.m.23 views

Cisco patched multiple critical vulnerabilities in StarOS Software

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Cisco patched two critical vulnerabilities in Redundancy Configuration Manager for StarOS software. Exploitation of one of the vulnerabilities is not required to exploit the other vulnerability. An attacker could exploit th...

0.8AI score0.11636EPSS
Exploits0
CISA
CISA
added 2022/01/20 12:0 a.m.7 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...

7.5AI score
Exploits0References5
NCSC
NCSC
added 2022/01/20 12:0 a.m.4 views

Vulnerabilities fixed in Cisco StarOS Software

Cisco has fixed vulnerabilities in StarOS, the operating system of a series of Aggregation Services Routers ASR. Because the debug mode was misconfigured, a remote malicious party may be able to access sensitive information and may be able to execute arbitrary code under the root privileges of th...

8.1CVSS7.8AI score0.11636EPSS
Exploits0
Cisco
Cisco
added 2022/01/19 4:0 p.m.24 views

Cisco Redundancy Configuration Manager for Cisco StarOS Software Multiple Vulnerabilities

Multiple vulnerabilities in Cisco Redundancy Configuration Manager RCM for Cisco StarOS Software could allow a unauthenticated, remote attacker to disclose sensitive information or execute arbitrary commands as the root user in the context of the configured container. For more information about...

9CVSS7.2AI score0.11636EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/01/19 12:0 a.m.8 views

PT-2022-2313 · Cisco · Cisco Rcm For Cisco Staros

Name of the Vulnerable Software and Affected Versions: Cisco RCM for Cisco StarOS Software affected versions not specified Description: The issue exists due to the incorrect enabling of debug mode for specific services, allowing an unauthenticated, remote attacker to perform remote code execution...

8.1CVSS8.5AI score0.11636EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2022/01/19 12:0 a.m.5 views

PT-2022-2314 · Cisco · Cisco Rcm For Cisco Staros

Name of the Vulnerable Software and Affected Versions: Cisco RCM for Cisco StarOS Software affected versions not specified Description: A vulnerability in the debug function of Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform debug actions, potentiall...

5.3CVSS7.2AI score0.00985EPSS
Exploits0References9
OSV
OSV
added 2021/06/04 5:15 p.m.4 views

CVE-2021-1539

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

8.8CVSS5.9AI score0.01093EPSS
Exploits0References1
OSV
OSV
added 2021/06/04 5:15 p.m.5 views

CVE-2021-1540

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

7.2CVSS5.9AI score0.01053EPSS
Exploits0References1
NVD
NVD
added 2021/06/04 5:15 p.m.18 views

CVE-2021-1540

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

8.1CVSS0.01053EPSS
Exploits0References1
Prion
Prion
added 2021/06/04 5:15 p.m.13 views

Authorization

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

6.5CVSS8.6AI score0.01093EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/06/04 5:15 p.m.18 views

Authorization

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

6CVSS7AI score0.01053EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/06/04 4:46 p.m.7 views

CVE-2021-1540 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

8.1CVSS7.1AI score0.01053EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/06/04 4:46 p.m.25 views

CVE-2021-1540 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software StarOS could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details sectio...

8.1CVSS8.3AI score0.01053EPSS
Exploits0References1
Rows per page
Query Builder