cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-1424,https://securityvulnerability.io/vulnerability/CVE-2021-1424,Cisco ASR 5000 Series Software Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the ipsecmgr process of Cisco ASR 5000 Series Software that could enable unauthenticated, remote attackers to induce a denial of service condition. This issue arises from inadequate validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. By sending specifically crafted IKEv2 packets to vulnerable devices, an attacker can manipulate the ipsecmgr process to restart, which interrupts ongoing IKE negotiations and leads to temporary disruption of service. Cisco has released software updates to mitigate this issue. Currently, there are no workarounds available to address this vulnerability.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-11-18T15:35:11.060Z,0
CVE-2023-20046,https://securityvulnerability.io/vulnerability/CVE-2023-20046,Privilege Escalation Vulnerability in Cisco StarOS Software,"A security flaw exists in the key-based SSH authentication mechanism of Cisco StarOS Software that could allow an authenticated remote attacker to gain elevated privileges. This issue arises due to inadequate validation of user-provided credentials. An attacker can exploit this by submitting a valid SSH key with low privileges while impersonating a high-privileged user account from a configured source IP. If successful, this would enable unauthorized access to the device as a high-privileged user. Mitigations are available to address this issue.",Cisco,"Cisco ASR 5000 Series Software,Cisco Ultra Cloud Core - User Plane Function",8.8,HIGH,0.00171999994199723,false,,false,false,false,,,false,false,,2023-05-09T18:15:00.000Z,0
CVE-2023-20051,https://securityvulnerability.io/vulnerability/CVE-2023-20051,Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability,"A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).",Cisco,Cisco Asr 5000 Series Software,5.8,MEDIUM,0.0013699999544769526,false,,false,false,true,2024-10-28T17:15:05.000Z,,false,false,,2023-04-05T00:00:00.000Z,0
CVE-2022-20665,https://securityvulnerability.io/vulnerability/CVE-2022-20665,Cisco StarOS Command Injection Vulnerability,"A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.",Cisco,Cisco Asr 5000 Series Software,6,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-03T03:15:35.000Z,,false,false,,2022-04-06T19:15:00.000Z,0
CVE-2021-1540,https://securityvulnerability.io/vulnerability/CVE-2021-1540,Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities,"Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Asr 5000 Series Software,8.1,HIGH,0.005439999978989363,false,,false,false,true,2024-08-03T17:16:00.000Z,,false,false,,2021-06-04T17:15:00.000Z,0
CVE-2021-1539,https://securityvulnerability.io/vulnerability/CVE-2021-1539,Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities,"Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.",Cisco,Cisco Asr 5000 Series Software,8.1,HIGH,0.005439999978989363,false,,false,false,true,2024-08-03T17:16:00.000Z,,false,false,,2021-06-04T17:15:00.000Z,0
CVE-2021-1378,https://securityvulnerability.io/vulnerability/CVE-2021-1378,Cisco StarOS Denial of Service Vulnerability,"A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.0013299999991431832,false,,false,false,true,2024-08-03T17:15:53.000Z,,false,false,,2021-02-17T00:00:00.000Z,0
CVE-2021-1353,https://securityvulnerability.io/vulnerability/CVE-2021-1353,Cisco StarOS IPv4 Denial of Service Vulnerability,"A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device.",Cisco,Cisco Asr 5000 Series Software,5.8,MEDIUM,0.0015999999595806003,false,,false,false,true,2024-08-03T17:15:52.000Z,,false,false,,2021-01-20T00:00:00.000Z,0
CVE-2021-1145,https://securityvulnerability.io/vulnerability/CVE-2021-1145,Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability,"A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device.",Cisco,Cisco Asr 5000 Series Software,6.5,MEDIUM,0.001500000013038516,false,,false,false,true,2024-08-03T17:15:41.000Z,,false,false,,2021-01-13T00:00:00.000Z,0
CVE-2020-3602,https://securityvulnerability.io/vulnerability/CVE-2020-3602,Cisco StarOS Privilege Escalation Vulnerability,"A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.",Cisco,Cisco Asr 5000 Series Software,6.3,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:48.000Z,,false,false,,2020-10-08T05:15:00.000Z,0
CVE-2020-3601,https://securityvulnerability.io/vulnerability/CVE-2020-3601,Cisco StarOS Privilege Escalation Vulnerability,"A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.",Cisco,Cisco Asr 5000 Series Software,4.4,MEDIUM,0.0004199999966658652,false,,false,false,true,2024-08-04T08:16:48.000Z,,false,false,,2020-10-08T05:15:00.000Z,0
CVE-2020-3500,https://securityvulnerability.io/vulnerability/CVE-2020-3500,Cisco StarOS IPv6 Denial of Service Vulnerability,"A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.",Cisco,Cisco Asr 5000 Series Software,6.8,MEDIUM,0.0015999999595806003,false,,false,false,true,2024-08-04T08:16:43.000Z,,false,false,,2020-08-17T18:15:00.000Z,0
CVE-2020-3244,https://securityvulnerability.io/vulnerability/CVE-2020-3244,Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability,"A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption.",Cisco,Cisco Asr 5000 Series Software,5.3,MEDIUM,0.001290000043809414,false,,false,false,true,2024-08-04T08:16:31.000Z,,false,false,,2020-06-18T03:15:00.000Z,0
CVE-2019-16026,https://securityvulnerability.io/vulnerability/CVE-2019-16026,Cisco Mobility Management Entity Denial of Service Vulnerability,"A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.",Cisco,Cisco Asr 5000 Series Software,6.8,MEDIUM,0.0012400000123307109,false,,false,false,true,2024-08-05T02:15:48.000Z,,false,false,,2020-01-26T05:15:00.000Z,0
CVE-2019-1869,https://securityvulnerability.io/vulnerability/CVE-2019-1869,Cisco StarOS Denial of Service Vulnerability,"A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.",Cisco,Cisco Asr 5000 Series Software,8.6,HIGH,0.0009399999980814755,false,,false,false,true,2024-08-04T19:16:15.000Z,,false,false,,2019-06-20T03:15:00.000Z,0
CVE-2016-9216,https://securityvulnerability.io/vulnerability/CVE-2016-9216,,"An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More Information: CSCuy06917 CSCuy45036 CSCuy59525. Known Affected Releases: 20.0.0 20.0.M0.62842 20.0.v0 20.0.M0.63229 20.1.0 20.1.a0 20.1.v0 21.0.0 21.0.v0. Known Fixed Releases: 20.0.0 20.0.0.63250 20.0.M0.63148 20.0.R0.63294 20.0.R0.63316 20.0.V0.63170 20.0.VG0.63188 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.A0.63166 20.2.A0.63174 20.1.A0.63232 20.2.A0.63237 20.0.M0.63226 20.0.M0.63229 20.0.R0.63294 20.0.R0.63316 20.0.V0.63263 20.0.VG0.63233 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.0 20.1.0.63959 20.1.M0.63876 20.1.T0.63886 20.1.V0.64231 20.1.VA0.64194 20.1.VB0.64210 20.1.a0 20.1.a0.64023 20.1.v0 20.1.v0.64607 20.2.A0.63895 21.0.0 21.0.0.65256 21.0.M0.63881 21.0.M0.64281 21.0.PP0.64366 21.0.V0.65052 21.0.v0 21.0.v0.65831 21.0.vb0.65887 21.1.R0.65130 21.1.R0.65135.",Cisco,Cisco Asr 5000 Software,5.3,MEDIUM,0.0016400000313296914,false,,false,false,false,,,false,false,,2017-01-26T07:45:00.000Z,0
CVE-2016-1452,https://securityvulnerability.io/vulnerability/CVE-2016-1452,,"Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526.",Cisco,"Asr 5000,Asr 5000 Software",6.5,MEDIUM,0.0026400000788271427,false,,false,false,false,,,false,false,,2016-07-15T16:00:00.000Z,0
CVE-2016-1436,https://securityvulnerability.io/vulnerability/CVE-2016-1436,,"The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted GTPv1 packet, aka Bug ID CSCuz46198.",Cisco,Asr 5000 Software,7.5,HIGH,0.0018100000452250242,false,,false,false,false,,,false,false,,2016-06-23T00:00:00.000Z,0
CVE-2016-1335,https://securityvulnerability.io/vulnerability/CVE-2016-1335,,"The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492.",Cisco,Asr 5000 Series Software,7.5,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2016-02-19T19:00:00.000Z,0
CVE-2015-6382,https://securityvulnerability.io/vulnerability/CVE-2015-6382,,"Cisco ASR 5000 devices with software 16.0(900) allow remote attackers to cause a denial of service (telnetd process restart) via a TELNET connection, aka Bug ID CSCuv25815.",Cisco,Asr 5000 Series Software,,,0.0018599999602884054,false,,false,false,false,,,false,false,,2015-11-26T02:00:00.000Z,0
CVE-2015-6351,https://securityvulnerability.io/vulnerability/CVE-2015-6351,,"Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19.2.0 allow remote attackers to cause a denial of service (BGP process restart) via a crafted header in a BGP packet, aka Bug ID CSCuw65781.",Cisco,Asr 5000 Software,,,0.0018599999602884054,false,,false,false,false,,,false,false,,2015-10-30T10:00:00.000Z,0
CVE-2015-6340,https://securityvulnerability.io/vulnerability/CVE-2015-6340,,"The Proxy Mobile IPv6 (PMIPv6) component in the CDMA implementation on Cisco ASR 5000 devices with software 19.0.M0.60737 allows remote attackers to cause a denial of service (hamgr process restart) via a crafted header in a PMIPv6 packet, aka Bug ID CSCuv63280.",Cisco,Asr 5000 Software,,,0.0009699999936856329,false,,false,false,false,,,false,false,,2015-10-27T01:00:00.000Z,0
CVE-2015-6334,https://securityvulnerability.io/vulnerability/CVE-2015-6334,,"Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers to cause a denial of service (vpnmgr process restart) via a crafted header in a TACACS packet, aka Bug ID CSCuw01984.",Cisco,Asr 5000 Software,,,0.0009699999936856329,false,,false,false,false,,,false,false,,2015-10-16T01:00:00.000Z,0
CVE-2015-6256,https://securityvulnerability.io/vulnerability/CVE-2015-6256,,"Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote attackers to cause a denial of service (OSPF process restart) via crafted length fields in headers of OSPF packets, aka Bug ID CSCuv62820.",Cisco,Asr 5000 Series Software,,,0.0009699999936856329,false,,false,false,false,,,false,false,,2015-08-22T17:00:00.000Z,0
CVE-2015-4275,https://securityvulnerability.io/vulnerability/CVE-2015-4275,,"The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.59167 and 18.0.0.59211 allows remote attackers to cause a denial of service via a malformed header in a GTPv2 packet, aka Bug ID CSCut11534.",Cisco,Asr 5000 Series Software,,,0.0018599999602884054,false,,false,false,false,,,false,false,,2015-07-16T19:00:00.000Z,0