25 results (0.023 seconds)

CVSS: 8.8EPSS: 0%CPEs: 15EXPL: 0

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user. There are workarounds that address this vulnerability. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h • CWE-289: Authentication Bypass by Alternate Name CWE-522: Insufficiently Protected Credentials •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS). • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.6EPSS: 0%CPEs: 322EXPL: 0

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition. Una vulnerabilidad en el procesamiento de paquetes malformados del Protocolo Industrial Común (CIP) que se envían al software Cisco IOS y al software Cisco IOS XE podría permitir a un atacante remoto no autenticado causar una recarga no esperada del dispositivo afectado, lo que provocaría una condición de denegación de servicio (DoS). • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-cip-dos-9rTbKLt9 • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 0

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el proceso de autorización de Cisco ASR 5000 Series Software (StarOS), podría permitir a un atacante remoto autenticado omitir la autorización y ejecutar un subconjunto de comandos de CLI en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n • CWE-863: Incorrect Authorization •