CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2016-1335
https://notcve.org/view.php?id=CVE-2016-1335
19 Feb 2016 — The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492. La implementación de SSH en Cisco StarOS en versiones anteriores a 19.3.M0.62771 y 20.x en versiones anteriores a 20.0.M0.62768 en dispositivos ASR 5... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-asr • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2015-4201
https://notcve.org/view.php?id=CVE-2015-4201
20 Jun 2015 — The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service (Session Manager restart) via an invalid TCP/IP header, aka Bug ID CSCut68058. El componente Gateway General Packet Radio Service Support Node (GGSN) en los dispositivos Cisco ASR 5000 con software 17.2.0.59184 y 18.0.L0.59219 permite a atacantes remotos causar una denegación de servicio (reinicio de Session Manager... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39431 • CWE-20: Improper Input Validation •