cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-1424,https://securityvulnerability.io/vulnerability/CVE-2021-1424,Cisco ASR 5000 Series Software Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the ipsecmgr process of Cisco ASR 5000 Series Software that could enable unauthenticated, remote attackers to induce a denial of service condition. This issue arises from inadequate validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. By sending specifically crafted IKEv2 packets to vulnerable devices, an attacker can manipulate the ipsecmgr process to restart, which interrupts ongoing IKE negotiations and leads to temporary disruption of service. Cisco has released software updates to mitigate this issue. Currently, there are no workarounds available to address this vulnerability.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-11-18T15:35:11.060Z,0
CVE-2023-20046,https://securityvulnerability.io/vulnerability/CVE-2023-20046,Privilege Escalation Vulnerability in Cisco StarOS Software,"A security flaw exists in the key-based SSH authentication mechanism of Cisco StarOS Software that could allow an authenticated remote attacker to gain elevated privileges. This issue arises due to inadequate validation of user-provided credentials. An attacker can exploit this by submitting a valid SSH key with low privileges while impersonating a high-privileged user account from a configured source IP. If successful, this would enable unauthorized access to the device as a high-privileged user. Mitigations are available to address this issue.",Cisco,"Cisco ASR 5000 Series Software,Cisco Ultra Cloud Core - User Plane Function",8.8,HIGH,0.00171999994199723,false,,false,false,false,,,false,false,,2023-05-09T18:15:00.000Z,0
CVE-2023-20051,https://securityvulnerability.io/vulnerability/CVE-2023-20051,Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability,"A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).",Cisco,Cisco Asr 5000 Series Software,5.8,MEDIUM,0.0013699999544769526,false,,false,false,true,2024-10-28T17:15:05.000Z,,false,false,,2023-04-05T00:00:00.000Z,0
CVE-2022-20665,https://securityvulnerability.io/vulnerability/CVE-2022-20665,Cisco StarOS Command Injection Vulnerability,"A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.",Cisco,Cisco Asr 5000 Series Software,6,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-03T03:15:35.000Z,,false,false,,2022-04-06T19:15:00.000Z,0
CVE-2021-1540,https://securityvulnerability.io/vulnerability/CVE-2021-1540,Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities,"Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Asr 5000 Series Software,8.1,HIGH,0.005439999978989363,false,,false,false,true,2024-08-03T17:16:00.000Z,,false,false,,2021-06-04T17:15:00.000Z,0
CVE-2021-1539,https://securityvulnerability.io/vulnerability/CVE-2021-1539,Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities,"Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Asr 5000 Series Software,8.1,HIGH,0.005439999978989363,false,,false,false,true,2024-08-03T17:16:00.000Z,,false,false,,2021-06-04T17:15:00.000Z,0
CVE-2021-1378,https://securityvulnerability.io/vulnerability/CVE-2021-1378,Cisco StarOS Denial of Service Vulnerability,"A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.0013299999991431832,false,,false,false,true,2024-08-03T17:15:53.000Z,,false,false,,2021-02-17T00:00:00.000Z,0
CVE-2021-1353,https://securityvulnerability.io/vulnerability/CVE-2021-1353,Cisco StarOS IPv4 Denial of Service Vulnerability,"A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device.",Cisco,Cisco Asr 5000 Series Software,5.8,MEDIUM,0.0015999999595806003,false,,false,false,true,2024-08-03T17:15:52.000Z,,false,false,,2021-01-20T00:00:00.000Z,0
CVE-2021-1145,https://securityvulnerability.io/vulnerability/CVE-2021-1145,Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability,"A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device.",Cisco,Cisco Asr 5000 Series Software,6.5,MEDIUM,0.001500000013038516,false,,false,false,true,2024-08-03T17:15:41.000Z,,false,false,,2021-01-13T00:00:00.000Z,0
CVE-2020-3602,https://securityvulnerability.io/vulnerability/CVE-2020-3602,Cisco StarOS Privilege Escalation Vulnerability,"A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.",Cisco,Cisco Asr 5000 Series Software,6.3,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:48.000Z,,false,false,,2020-10-08T05:15:00.000Z,0
CVE-2020-3601,https://securityvulnerability.io/vulnerability/CVE-2020-3601,Cisco StarOS Privilege Escalation Vulnerability,"A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.",Cisco,Cisco Asr 5000 Series Software,4.4,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:48.000Z,,false,false,,2020-10-08T05:15:00.000Z,0
CVE-2020-3500,https://securityvulnerability.io/vulnerability/CVE-2020-3500,Cisco StarOS IPv6 Denial of Service Vulnerability,"A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.",Cisco,Cisco Asr 5000 Series Software,6.8,MEDIUM,0.0015999999595806003,false,,false,false,true,2024-08-04T08:16:43.000Z,,false,false,,2020-08-17T18:15:00.000Z,0
CVE-2020-3244,https://securityvulnerability.io/vulnerability/CVE-2020-3244,Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability,"A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.001290000043809414,false,,false,false,true,2024-08-04T08:16:31.000Z,,false,false,,2020-06-18T03:15:00.000Z,0
CVE-2019-16026,https://securityvulnerability.io/vulnerability/CVE-2019-16026,Cisco Mobility Management Entity Denial of Service Vulnerability,"A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.",Cisco,Cisco Asr 5000 Series Software,6.8,MEDIUM,0.0012400000123307109,false,,false,false,true,2024-08-05T02:15:48.000Z,,false,false,,2020-01-26T05:15:00.000Z,0
CVE-2019-1869,https://securityvulnerability.io/vulnerability/CVE-2019-1869,Cisco StarOS Denial of Service Vulnerability,"A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.",Cisco,Cisco Asr 5000 Series Software,8.6,HIGH,0.0009399999980814755,false,,false,false,true,2024-08-04T19:16:15.000Z,,false,false,,2019-06-20T03:15:00.000Z,0
CVE-2016-1335,https://securityvulnerability.io/vulnerability/CVE-2016-1335,,"The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492.",Cisco,Asr 5000 Series Software,7.5,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2016-02-19T19:00:00.000Z,0
CVE-2015-6382,https://securityvulnerability.io/vulnerability/CVE-2015-6382,,"Cisco ASR 5000 devices with software 16.0(900) allow remote attackers to cause a denial of service (telnetd process restart) via a TELNET connection, aka Bug ID CSCuv25815.",Cisco,Asr 5000 Series Software,,,0.0018599999602884054,false,,false,false,false,,,false,false,,2015-11-26T02:00:00.000Z,0
CVE-2015-6256,https://securityvulnerability.io/vulnerability/CVE-2015-6256,,"Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote attackers to cause a denial of service (OSPF process restart) via crafted length fields in headers of OSPF packets, aka Bug ID CSCuv62820.",Cisco,Asr 5000 Series Software,,,0.0009699999936856329,false,,false,false,false,,,false,false,,2015-08-22T17:00:00.000Z,0
CVE-2015-4275,https://securityvulnerability.io/vulnerability/CVE-2015-4275,,"The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.59167 and 18.0.0.59211 allows remote attackers to cause a denial of service via a malformed header in a GTPv2 packet, aka Bug ID CSCut11534.",Cisco,Asr 5000 Series Software,,,0.0018599999602884054,false,,false,false,false,,,false,false,,2015-07-16T19:00:00.000Z,0
CVE-2015-4273,https://securityvulnerability.io/vulnerability/CVE-2015-4273,,"The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 15.0(912), 15.0(935), and 15.0(938) allows remote attackers to cause a denial of service (Session Manager outage) via malformed fields in an IP packet, aka Bug ID CSCut38476.",Cisco,Asr 5000 Series Software,,,0.0009699999936856329,false,,false,false,false,,,false,false,,2015-07-15T14:00:00.000Z,0
CVE-2015-4244,https://securityvulnerability.io/vulnerability/CVE-2015-4244,,"The boot implementation on Cisco ASR 5000 and 5500 devices with software 14.0 allows local users to execute arbitrary Linux commands by leveraging administrative privileges for storage of these commands in a Compact Flash (CF) file, aka Bug ID CSCuu75278.",Cisco,Asr 5000 Series Software,,,0.0004199999966658652,false,,false,false,false,,,false,false,,2015-07-10T10:00:00.000Z,0
CVE-2015-4201,https://securityvulnerability.io/vulnerability/CVE-2015-4201,,"The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service (Session Manager restart) via an invalid TCP/IP header, aka Bug ID CSCut68058.",Cisco,Asr 5000 Series Software,,,0.003280000062659383,false,,false,false,false,,,false,false,,2015-06-20T10:00:00.000Z,0
CVE-2015-0617,https://securityvulnerability.io/vulnerability/CVE-2015-0617,,"Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices allow remote attackers to cause a denial of service (CPU consumption and SNMP outage) via malformed SNMP packets, aka Bug ID CSCur13393.",Cisco,Asr 5000 Series Software,,,0.005630000028759241,false,,false,false,false,,,false,false,,2015-02-18T02:00:00.000Z,0
CVE-2014-3331,https://securityvulnerability.io/vulnerability/CVE-2014-3331,,"The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914.",Cisco,Asr 5000 Series Software,,,0.022089999169111252,false,,false,false,false,,,false,false,,2014-08-20T10:00:00.000Z,0
CVE-2014-0669,https://securityvulnerability.io/vulnerability/CVE-2014-0669,,"The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions via unspecified WSP packets, aka Bug ID CSCuh28371.",Cisco,Asr 5000 Series Software,,,0.004629999864846468,false,,false,false,false,,,false,false,,2014-01-22T02:00:00.000Z,0