5 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0

A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers through 21.x could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device. More Information: CSCvb99022 CSCvc16964 CSCvc37351 CSCvc54843 CSCvc63444 CSCvc77815 CSCvc88658 CSCve08955 CSCve14141 CSCve33870. Una vulnerabilidad en ciertos mecanismos de filtrado de listas de control de acceso (ACL) para ASR 5000 Series Aggregation Services Routers hasta la versión 21.x de Cisco, podría permitir a un atacante remoto no autenticado omitir las reglas ACL que se han configurado para un dispositivo afectado. Más información: CSCvb99022 CSCvc16964 CSCvc37351 CSCvc54843 CSCvc63444 CSCvc77815 CSCvc88658 CSCve08955 CSCve14141 CSCve33870. • http://www.securityfocus.com/bid/99921 http://www.securitytracker.com/id/1038962 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr1 • CWE-863: Incorrect Authorization •

CVSS: 8.6EPSS: 0%CPEs: 7EXPL: 0

A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers 17.3.9.62033 through 21.1.2 could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. More Information: CSCvc67927. Una vulnerabilidad en el nodo de soporte del gateway GPRS (GGSN) de ASR 5000 Series Aggregation Services Routers versión 17.3.9.62033 hasta 21.1.2 de Cisco, podría permitir a un atacante remoto no autenticado redireccionar el tráfico HTTP enviado hacia un dispositivo afectado. Más información: CSCvc67927. • http://www.securityfocus.com/bid/99920 http://www.securitytracker.com/id/1038961 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 53EXPL: 0

A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability affects the following products if they are running the Cisco StarOS operating system and BGP is enabled for the system: Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core Software. More Information: CSCvc44968. Known Affected Releases: 16.4.1 19.1.0 21.1.0 21.1.M0.65824. Known Fixed Releases: 21.3.A0.65902 21.2.A0.65905 21.1.b0.66164 21.1.V0.66014 21.1.R0.65898 21.1.M0.65894 21.1.0.66030 21.1.0. • http://www.securityfocus.com/bid/100015 http://www.securitytracker.com/id/1038819 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-staros •

CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0

A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service (DoS) condition. This vulnerability affects Cisco ASR 5500 devices with Data Processing Card 2 (DPC2) running StarOS 18.0 or later. More Information: CSCvb12081. Known Affected Releases: 18.7.4 19.5.0 20.0.2.64048 20.2.3 21.0.0. Known Fixed Releases: 18.7.4 18.7.4.65030 18.8.M0.65044 19.5.0 19.5.0.65092 19.5.M0.65023 19.5.M0.65050 20.2.3 20.2.3.64982 20.2.3.65017 20.2.a4.65307 20.3.M0.64984 20.3.M0.65029 20.3.M0.65037 20.3.M0.65071 20.3.T0.64985 20.3.T0.65031 20.3.T0.65043 20.3.T0.65067 21.0.0 21.0.0.65256 21.0.M0.64922 21.0.M0.64983 21.0.M0.65140 21.0.V0.65150 21.1.A0.64932 21.1.A0.64987 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.65203 21.2.A0.65147. • http://www.securityfocus.com/bid/94071 http://www.securitytracker.com/id/1037186 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-asr • CWE-399: Resource Management Errors •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. Dispositivos Cisco ASR 5000 con software 18.3 hasta la versión 20.0.0 permiten a atacantes remotos realizar cambios de configuración sobre SNMP aprovechando los conocimientos de la comunidad de lectura y escritura, también conocido como Bug ID CSCuz29526. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-asr http://www.securityfocus.com/bid/91756 http://www.securitytracker.com/id/1036298 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •