cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2018-0122,https://securityvulnerability.io/vulnerability/CVE-2018-0122,,"A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335.",Cisco,Cisco Staros For Cisco Asr 5000 Series Aggregation Services Routers,4.4,MEDIUM,0.002219999907538295,false,,false,false,false,,,false,false,,2018-02-08T07:00:00.000Z,0
CVE-2017-6773,https://securityvulnerability.io/vulnerability/CVE-2017-6773,,"A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. The vulnerability is due to insufficient input sanitization of user-supplied input at the CLI. An attacker could exploit this vulnerability by crafting a script on the device that will allow them to bypass built-in restrictions. An exploit could allow the unauthorized user to launch the CLI directly from a command shell. Cisco Bug IDs: CSCvd47722. Known Affected Releases: 21.0.v0.65839.",Cisco,Staros For Asr 5000 Series Aggregated Services Routers,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-08-17T20:29:00.000Z,0
CVE-2017-6774,https://securityvulnerability.io/vulnerability/CVE-2017-6774,,"A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. The vulnerability is due to the inclusion of sensitive system files within specific FTP subdirectories. An attacker could exploit this vulnerability by overwriting sensitive configuration files through FTP. An exploit could allow the attacker to overwrite configuration files on an affected system. Cisco Bug IDs: CSCvd47739. Known Affected Releases: 21.0.v0.65839.",Cisco,Staros For Asr 5000 Series Aggregated Services Routers,5,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2017-08-17T20:29:00.000Z,0
CVE-2017-6775,https://securityvulnerability.io/vulnerability/CVE-2017-6775,,"A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. The vulnerability is due to incorrect permissions that are given to a set of users. An attacker could exploit this vulnerability by logging in to the shell of an affected device and elevating their privileges by modifying environment variables. An exploit could allow the attacker to gain admin-level privileges and take control of the affected device. Cisco Bug IDs: CSCvd47741. Known Affected Releases: 21.0.v0.65839.",Cisco,Staros For Asr 5000 Series Aggregated Services Routers,5.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2017-08-17T20:29:00.000Z,0