Cisco ASR 5000 Series Aggregated Services Routers StarOS Security Bypass Vulnerability

Cisco ASR 5000 Series Aggregated Services Routers are the ASR 5000 series of integrated services router products from Cisco.StarOS is the set of operating systems that run on them.CLI is one of the command-line programs. A security bypass vulnerability exists in the CLI for StarOS in Cisco ASR 50...

CVE-2017-6773

A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. The vulnerability is due to insufficient...

CVE-2017-6775

Cisco StarOS on the Cisco ASR 5000 Series (StarOS 21.0.v0.65839) contains a local privilege escalation in the CLI. The flaw stems from incorrect permissions assigned to a set of users, allowing an authenticated attacker to log into the device shell and elevate privileges to admin-level by modifyi...

CVE-2017-6774

CVE-2017-6774 affects Cisco ASR 5000 Series Aggregated Services Routers running StarOS. The issue is an arbitrary file write via FTP: sensitive system/configuration files can be overwritten because they are exposed in specific FTP subdirectories. A remote, authenticated attacker could exploit thi...

CVE-2017-6775

A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. The vulnerability is due to incorrect permissions that are given to a set o...

Cisco StarOS for ASR 5000 Series Routers FTP Configuration File Modification Vulnerability

A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. The vulnerability is due to the inclusion of sensitive system files within specific FTP...

Cisco StarOS for ASR 5000 Series Routers Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. The vulnerability is due to incorrect permissions that are given to a set o...

CVE-2017-6690

The CVE-2017-6690 issue affects Cisco ASR 5000 Series Aggregated Services Routers running Cisco StarOS. Root cause: insufficient input validation in the file check operation. Impact: authenticated, remote attacker could overwrite or modify arbitrary files on an affected system. Affected releases ...

CVE-2017-6690

A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. More Information: CSCvd73726. Known Affected...

Cisco StarOS Arbitrary File Modification Vulnerability

A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. The vulnerability is due to insufficient input...