5 matches found
CVE-2021-1539
CVE-2021-1539 concerns multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) that allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. The issue stems from weaknesses in the authoriza...
CVE-2021-1540
CVE-2021-1540 concerns Cisco ASR 5000 Series Software (StarOS). The advisory describes multiple vulnerabilities in the authorization process that could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. The issue is tied to ...
CVE-2017-3819
CVE-2017-3819 affects Cisco StarOS SSH login handling on Cisco ASR 5000/5500/5700 and VPC-SI/DI; vulnerability arises from missing input validation during SSH/SFTP login, allowing an authenticated attacker with valid credentials to craft input over an established TCP connection to port 22 and gai...
CVE-2017-6678
The CVE-2017-6678 issue affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) software 19.2–21.0. It exploits the ingress UDP packet processing function, where insufficient handling of user-supplied data can allow an unauthenticated remote attacker to trigger a reload of both CF (co...
CVE-2016-6466
CVE-2016-6466 affects Cisco ASR 5000/5500 Series routers and Cisco VPC, via the StarOS IPsec component (ipsecmgr). The issue arises from improper processing of IKE messages, allowing an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new ones, causing a DoS ...