Cisco ASR 5000 Series Router Denial of Service Vulnerability

The Cisco Aggregation Services Router ASR 5000 Series Routers and Virtualized Packet Core VPC System Software are both products of Cisco, Inc. The Cisco Aggregation Services Router ASR 5000 Series Routers are a 5000 series of secure router appliances.The Virtualized Packet Core VPC System Softwar...

CVE-2018-0273

A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router ASR 5000 Series Routers and Virtualized Packet Core VPC System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being...

CVE-2018-0239

A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router ASR 5700 Series devices and Virtualized Packet Core VPC System Software could allow an unauthenticated, remote attacker to cause an interface on the device to...

Cisco StarOS IPsec Manager Denial of Service Vulnerability

A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router ASR 5000 Series Routers and Virtualized Packet Core VPC System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being...

Cisco Virtualized Packet Core-Distributed Instance Software Denial of Service Vulnerability

Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software is a productized version of Cisco's StarOS software that is deployed on a dedicated hardware platform.The Cisco StarOS operating The Cisco StarOS operating system is one of the virtualization operating systems. A denial of service...

CVE-2018-0117

A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a denial of service Do...

Race condition

A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a denial of service Do...

CVE-2018-0117

A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a denial of service Do...

CVE-2018-0117

CVE-2018-0117 affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) on Cisco StarOS; vulnerability in ingress packet processing allows unauthenticated remote attacker to trigger unhandled errors that reload CF instances, causing the entire VPC to reload and disconnect subscribers (D...

CVE-2018-0117

A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a denial of service Do...

CVE-2018-0117

A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a denial of service Do...

Carbon Black & VMware Announce General Availability of Integrated Solution to Secure the SDDC

Securing your software-defined data center SDDC is fundamentally different than securing your end-user computers. Securing the endpoint is no longer enough - attackers have other angles they can take to wreak havoc on your system - but not securing your endpoints would be a big mistake. That’s wh...

CVE-2018-0086

A vulnerability in the application server of the Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during...

CVE-2018-0086

A vulnerability in the application server of the Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during...

Cisco Unified Customer Voice Portal Denial of Service Vulnerability

Cisco Unified Customer Voice Portal CVP can be used as a standalone interactive voice response IVR system or integrated with a contact center. A denial of service vulnerability exists in Cisco Unified Customer Voice Portal CVP. A remote user can exploit this vulnerability to affect the availabili...

Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems

Last week the technology industry and many of our customers learned of new vulnerabilities in the hardware chips that power phones, PCs and servers. We and others in the industry had learned of this vulnerability under nondisclosure agreement several months ago and immediately began developing...

Meltdown and Spectre

Cisco Talos is aware of three new vulnerabilities impacting Intel, AMD, Qualcomm and ARM processors used by almost all computers. We are investigating these issues and although we have not observed exploitation of these vulnerabilities in the wild, that does not mean that it has not occurred. We...

Check Point Gaia Operating System VM escape and code execution (sk106060)(VENOM)

The remote host is running a version of Gaia OS which is affected by a vulnerability in the virtual floppy drive code which may allow an attacker to escape a virtualized environment and obtain code execution on the underlying host. C Tenable Network Security, Inc. include'compat.inc'; if...

The vulnerability of the Secure Shell subsystem of the StarOS operating system and the Virtualized Packet Core management software allows a hacker to gain root privileges.

The vulnerability of the Secure Shell subsystem of the StarOS operating system and the Virtualized Packet Core management software is related to deficiencies in access control mechanisms lack of checks on parameters transmitted during SSH or SFTP connections. Exploiting this vulnerability allows ...

Juniper Junos Virtualized Environment Guest-To-Host Privilege Escalation (JSA10787)

According to its self-reported version number and configuration, the remote Juniper Junos device is affected by a privilege escalation vulnerability when running in a virtualized environment due to improper handling of authentication. An attacker on the Junos guest can exploit this to escalate...