cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-1424,https://securityvulnerability.io/vulnerability/CVE-2021-1424,Cisco ASR 5000 Series Software Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the ipsecmgr process of Cisco ASR 5000 Series Software that could enable unauthenticated, remote attackers to induce a denial of service condition. This issue arises from inadequate validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. By sending specifically crafted IKEv2 packets to vulnerable devices, an attacker can manipulate the ipsecmgr process to restart, which interrupts ongoing IKE negotiations and leads to temporary disruption of service. Cisco has released software updates to mitigate this issue. Currently, there are no workarounds available to address this vulnerability.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-11-18T15:35:11.060Z,0
CVE-2023-20046,https://securityvulnerability.io/vulnerability/CVE-2023-20046,Privilege Escalation Vulnerability in Cisco StarOS Software,"A security flaw exists in the key-based SSH authentication mechanism of Cisco StarOS Software that could allow an authenticated remote attacker to gain elevated privileges. This issue arises due to inadequate validation of user-provided credentials. An attacker can exploit this by submitting a valid SSH key with low privileges while impersonating a high-privileged user account from a configured source IP. If successful, this would enable unauthorized access to the device as a high-privileged user. Mitigations are available to address this issue.",Cisco,"Cisco ASR 5000 Series Software,Cisco Ultra Cloud Core - User Plane Function",8.8,HIGH,0.00171999994199723,false,,false,false,false,,,false,false,,2023-05-09T18:15:00.000Z,0
CVE-2023-20051,https://securityvulnerability.io/vulnerability/CVE-2023-20051,Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability,"A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).",Cisco,Cisco Asr 5000 Series Software,5.8,MEDIUM,0.0013699999544769526,false,,false,false,true,2024-10-28T17:15:05.000Z,,false,false,,2023-04-05T00:00:00.000Z,0
CVE-2022-20665,https://securityvulnerability.io/vulnerability/CVE-2022-20665,Cisco StarOS Command Injection Vulnerability,"A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.",Cisco,Cisco Asr 5000 Series Software,6,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-03T03:15:35.000Z,,false,false,,2022-04-06T19:15:00.000Z,0
CVE-2021-1540,https://securityvulnerability.io/vulnerability/CVE-2021-1540,Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities,"Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Asr 5000 Series Software,8.1,HIGH,0.005439999978989363,false,,false,false,true,2024-08-03T17:16:00.000Z,,false,false,,2021-06-04T17:15:00.000Z,0
CVE-2021-1539,https://securityvulnerability.io/vulnerability/CVE-2021-1539,Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities,"Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Asr 5000 Series Software,8.1,HIGH,0.005439999978989363,false,,false,false,true,2024-08-03T17:16:00.000Z,,false,false,,2021-06-04T17:15:00.000Z,0
CVE-2021-1378,https://securityvulnerability.io/vulnerability/CVE-2021-1378,Cisco StarOS Denial of Service Vulnerability,"A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.0013299999991431832,false,,false,false,true,2024-08-03T17:15:53.000Z,,false,false,,2021-02-17T00:00:00.000Z,0
CVE-2021-1353,https://securityvulnerability.io/vulnerability/CVE-2021-1353,Cisco StarOS IPv4 Denial of Service Vulnerability,"A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device.",Cisco,Cisco Asr 5000 Series Software,5.8,MEDIUM,0.0015999999595806003,false,,false,false,true,2024-08-03T17:15:52.000Z,,false,false,,2021-01-20T00:00:00.000Z,0
CVE-2021-1145,https://securityvulnerability.io/vulnerability/CVE-2021-1145,Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability,"A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device.",Cisco,Cisco Asr 5000 Series Software,6.5,MEDIUM,0.001500000013038516,false,,false,false,true,2024-08-03T17:15:41.000Z,,false,false,,2021-01-13T00:00:00.000Z,0
CVE-2020-3601,https://securityvulnerability.io/vulnerability/CVE-2020-3601,Cisco StarOS Privilege Escalation Vulnerability,"A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.",Cisco,Cisco Asr 5000 Series Software,4.4,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:48.000Z,,false,false,,2020-10-08T05:15:00.000Z,0
CVE-2020-3602,https://securityvulnerability.io/vulnerability/CVE-2020-3602,Cisco StarOS Privilege Escalation Vulnerability,"A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.",Cisco,Cisco Asr 5000 Series Software,6.3,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:48.000Z,,false,false,,2020-10-08T05:15:00.000Z,0
CVE-2020-3500,https://securityvulnerability.io/vulnerability/CVE-2020-3500,Cisco StarOS IPv6 Denial of Service Vulnerability,"A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.",Cisco,Cisco Asr 5000 Series Software,6.8,MEDIUM,0.0015999999595806003,false,,false,false,true,2024-08-04T08:16:43.000Z,,false,false,,2020-08-17T18:15:00.000Z,0
CVE-2020-3244,https://securityvulnerability.io/vulnerability/CVE-2020-3244,Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability,"A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.001290000043809414,false,,false,false,true,2024-08-04T08:16:31.000Z,,false,false,,2020-06-18T03:15:00.000Z,0
CVE-2019-16026,https://securityvulnerability.io/vulnerability/CVE-2019-16026,Cisco Mobility Management Entity Denial of Service Vulnerability,"A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.",Cisco,Cisco Asr 5000 Series Software,6.8,MEDIUM,0.0012400000123307109,false,,false,false,true,2024-08-05T02:15:48.000Z,,false,false,,2020-01-26T05:15:00.000Z,0
CVE-2019-1869,https://securityvulnerability.io/vulnerability/CVE-2019-1869,Cisco StarOS Denial of Service Vulnerability,"A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.",Cisco,Cisco Asr 5000 Series Software,8.6,HIGH,0.0009399999980814755,false,,false,false,true,2024-08-04T19:16:15.000Z,,false,false,,2019-06-20T03:15:00.000Z,0
CVE-2018-0122,https://securityvulnerability.io/vulnerability/CVE-2018-0122,,"A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335.",Cisco,Cisco Staros For Cisco Asr 5000 Series Aggregation Services Routers,4.4,MEDIUM,0.002219999907538295,false,,false,false,false,,,false,false,,2018-02-08T07:00:00.000Z,0
CVE-2017-6774,https://securityvulnerability.io/vulnerability/CVE-2017-6774,,"A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. The vulnerability is due to the inclusion of sensitive system files within specific FTP subdirectories. An attacker could exploit this vulnerability by overwriting sensitive configuration files through FTP. An exploit could allow the attacker to overwrite configuration files on an affected system. Cisco Bug IDs: CSCvd47739. Known Affected Releases: 21.0.v0.65839.",Cisco,Staros For Asr 5000 Series Aggregated Services Routers,5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2017-08-17T20:29:00.000Z,0
CVE-2017-6775,https://securityvulnerability.io/vulnerability/CVE-2017-6775,,"A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. The vulnerability is due to incorrect permissions that are given to a set of users. An attacker could exploit this vulnerability by logging in to the shell of an affected device and elevating their privileges by modifying environment variables. An exploit could allow the attacker to gain admin-level privileges and take control of the affected device. Cisco Bug IDs: CSCvd47741. Known Affected Releases: 21.0.v0.65839.",Cisco,Staros For Asr 5000 Series Aggregated Services Routers,5.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-08-17T20:29:00.000Z,0
CVE-2017-6773,https://securityvulnerability.io/vulnerability/CVE-2017-6773,,"A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. The vulnerability is due to insufficient input sanitization of user-supplied input at the CLI. An attacker could exploit this vulnerability by crafting a script on the device that will allow them to bypass built-in restrictions. An exploit could allow the unauthorized user to launch the CLI directly from a command shell. Cisco Bug IDs: CSCvd47722. Known Affected Releases: 21.0.v0.65839.",Cisco,Staros For Asr 5000 Series Aggregated Services Routers,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-08-17T20:29:00.000Z,0
CVE-2017-6612,https://securityvulnerability.io/vulnerability/CVE-2017-6612,,"A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927.",Cisco,Cisco Asr 5000 Series Aggregation Services Routers,8.6,HIGH,0.0018899999558925629,false,,false,false,false,,,false,false,,2017-07-25T19:00:00.000Z,0
CVE-2017-6672,https://securityvulnerability.io/vulnerability/CVE-2017-6672,,"A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers through 21.x could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device. More Information: CSCvb99022 CSCvc16964 CSCvc37351 CSCvc54843 CSCvc63444 CSCvc77815 CSCvc88658 CSCve08955 CSCve14141 CSCve33870.",Cisco,Cisco Asr 5000 Series Aggregation Services Routers,7.5,HIGH,0.0014900000533089042,false,,false,false,false,,,false,false,,2017-07-25T19:00:00.000Z,0
CVE-2017-3865,https://securityvulnerability.io/vulnerability/CVE-2017-3865,,"A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. Affected Products: ASR 5000 Series Routers, Virtualized Packet Core (VPC) Software. More Information: CSCvc21129. Known Affected Releases: 21.1.0 21.1.M0.65601 21.1.v0. Known Fixed Releases: 21.2.A0.65754 21.1.b0.66164 21.1.V0.66014 21.1.R0.65759 21.1.M0.65749 21.1.0.66030 21.1.0.",Cisco,Cisco Staros For Asr 5000 Series Routers,5.8,MEDIUM,0.0014299999456852674,false,,false,false,false,,,false,false,,2017-07-04T00:00:00.000Z,0
CVE-2016-9216,https://securityvulnerability.io/vulnerability/CVE-2016-9216,,"An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More Information: CSCuy06917 CSCuy45036 CSCuy59525. Known Affected Releases: 20.0.0 20.0.M0.62842 20.0.v0 20.0.M0.63229 20.1.0 20.1.a0 20.1.v0 21.0.0 21.0.v0. Known Fixed Releases: 20.0.0 20.0.0.63250 20.0.M0.63148 20.0.R0.63294 20.0.R0.63316 20.0.V0.63170 20.0.VG0.63188 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.A0.63166 20.2.A0.63174 20.1.A0.63232 20.2.A0.63237 20.0.M0.63226 20.0.M0.63229 20.0.R0.63294 20.0.R0.63316 20.0.V0.63263 20.0.VG0.63233 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.0 20.1.0.63959 20.1.M0.63876 20.1.T0.63886 20.1.V0.64231 20.1.VA0.64194 20.1.VB0.64210 20.1.a0 20.1.a0.64023 20.1.v0 20.1.v0.64607 20.2.A0.63895 21.0.0 21.0.0.65256 21.0.M0.63881 21.0.M0.64281 21.0.PP0.64366 21.0.V0.65052 21.0.v0 21.0.v0.65831 21.0.vb0.65887 21.1.R0.65130 21.1.R0.65135.",Cisco,Cisco Asr 5000 Software,5.3,MEDIUM,0.0016400000313296914,false,,false,false,false,,,false,false,,2017-01-26T07:45:00.000Z,0
CVE-2016-9203,https://securityvulnerability.io/vulnerability/CVE-2016-9203,,"A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. More Information: CSCvb38398. Known Affected Releases: 20.2.3 20.2.3.65026. Known Fixed Releases: 21.1.M0.65431 21.1.PP0.65733 21.1.R0.65467 21.1.R0.65496 21.1.VC0.65434 21.1.VC0.65489 21.2.A0.65437.",Cisco,Cisco Asr 5000,7.5,HIGH,0.0029899999499320984,false,,false,false,false,,,false,false,,2016-12-14T00:37:00.000Z,0
CVE-2016-6467,https://securityvulnerability.io/vulnerability/CVE-2016-6467,,"A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203.",Cisco,Cisco Aggregation Services Router (asr) 5000 Series Switch,7.5,HIGH,0.0029899999499320984,false,,false,false,false,,,false,false,,2016-12-14T00:37:00.000Z,0