VYPR

Staros

by Cisco Systems, Inc.

CVEs (24)

  • CVE-2017-6707HigJul 6, 2017
    risk 0.53cvss 8.2epss 0.01

    A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the…

  • CVE-2018-0239HigApr 19, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an…

  • CVE-2016-6467HigDec 14, 2016
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552.…

  • CVE-2016-6455HigNov 3, 2016
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service (DoS)…

  • CVE-2016-1335HigFeb 19, 2016
    risk 0.49cvss 7.5epss 0.03

    The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint…

  • CVE-2018-0224MedMar 8, 2018
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. The vulnerability is due to…

  • CVE-2018-0217MedMar 8, 2018
    risk 0.44cvss 6.7epss 0.01

    A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of…

  • CVE-2018-0115MedJan 18, 2018
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected host operating system. The vulnerability is due to insufficient…

  • CVE-2017-3865MedJul 4, 2017
    risk 0.38cvss 5.8epss 0.02

    A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition.…

  • CVE-2021-1424MedNov 18, 2024
    risk 0.35cvss 5.3epss 0.01

    A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2…

  • CVE-2018-0273MedApr 19, 2018
    risk 0.35cvss 5.3epss 0.03

    A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new…

  • CVE-2018-0122MedFeb 8, 2018
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to…

  • CVE-2023-20046May 9, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could…

  • CVE-2022-20665Apr 6, 2022
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted…

  • CVE-2021-1378Feb 17, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may…

  • CVE-2021-1353Jan 20, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could…

  • CVE-2021-1145Jan 13, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the…

  • CVE-2020-3602Oct 8, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could…

  • CVE-2020-3601Oct 8, 2020
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could…

  • CVE-2020-3500Aug 17, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit…

Page 1 of 2