MindPoint Group and Trend Micro Help Secure NASA’s Successful Journey to the AWS Cloud

For decades NASA has launched countless successful explorations into space, but just recently took on the mission of launching their data into the cloud, similarly to many other organizations today. With the help of MindPoint Group using Trend Micro Deep Security, powered by XGen™, this was yet...

CVE-2017-2341

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Jun...

Authentication flaw

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Jun...

CVE-2017-2341 Junos OS: VM to host privilege escalation in platforms with Junos OS running in a virtualized environment.

An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. Affected releases are Juniper Networks Jun...

CVE-2017-2341

CVE-2017-2341 covers an insufficient authentication vulnerability in Junos OS when run in a virtualized environment, enabling a guest to escalate to the host. Affected Junos OS releases include 14.1X53 pre-D40 (QFX5110, QFX5200, QFX10002/10008/10016, EX4600, NFX250), 15.1 pre-R5 (EX4600), 15.1X49...

Juniper Networks Junos OS Privilege Escalation Vulnerability

Junos OS is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos"; if...

CVE-2017-6729

A vulnerability in the Border Gateway Protocol BGP processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core VPC Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reloa...

Race condition

A vulnerability in the Border Gateway Protocol BGP processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core VPC Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reloa...

CVE-2017-6729

A vulnerability in the Border Gateway Protocol BGP processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core VPC Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reloa...

CVE-2017-6729

A vulnerability in the Border Gateway Protocol BGP processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core VPC Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reloa...

CVE-2017-6707

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core VPC Software could allow an authenticated, local attacker to break from the StarOS CLI of an...

CVE-2017-6707

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core VPC Software could allow an authenticated, local attacker to break from the StarOS CLI of an...

CVE-2017-6707

CVE-2017-6707 affects Cisco StarOS CLI on ASR 5000/5500/5700 series and Cisco VPC Software. The issue stems from improper sanitization of CLI commands before they are inserted into Linux shell commands, allowing an authenticated local attacker to break out of the StarOS CLI and execute arbitrary ...

Cisco StarOS CLI Command Injection Vulnerability

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core VPC Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and...

CVE-2017-6678

A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a...

CVE-2017-6678

The CVE-2017-6678 issue affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) software 19.2–21.0. It exploits the ingress UDP packet processing function, where insufficient handling of user-supplied data can allow an unauthenticated remote attacker to trigger a reload of both CF (co...

Cisco Patches XXE, DOS, Code Execution Vulnerabilities in Software

Cisco patched three vulnerabilities in three products this week that if exploited, could have resulted in a denial of service, crash, and in some instances, arbitrary and remote code execution. According to security advisories published Wednesday, each of the vulnerabilities are branded “high”...

Cisco Virtualized Packet Core-Distributed Instance Denial of Service Vulnerability

Cisco Virtualized Packet Core VPC is the StarOS release by product. A security vulnerability in the ingress UDP packet processing function of Cisco Virtualized Packet CoreDistributed Instance VPCDI Software could allow an unauthenticated, remote attacker to cause a denial of service by overloadin...

Cisco Virtualized Packet Core-Distributed Instance Denial of Service Vulnerability

A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance VPC-DI Software could allow an unauthenticated, remote attacker to cause both control function CF instances on an affected system to reload, resulting in a denial of service Do...

CVE-2017-3510

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel Zones virtualized NIC driver. The supported version that is affected is 11.3. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise...