CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-9216
https://notcve.org/view.php?id=CVE-2016-9216
26 Jan 2017 — An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More Information: CSCuy06917 CSCuy45036 CSCuy59525. Known Affected Releases: 20.0.0 20.0.M0.62842 20.0.v0 20.0.M0.63229 20.1.0 20.1.a0 20.1.v0 21.0.0 21.0.v0. Known Fixed Releases: 20.0.0 20.0.0.63250 20.0.M0.63148 20.0.R0.63294 20.0.R0.63316 20.0.V0.63170 20.0.VG0.63188 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.A0.6... • http://www.securityfocus.com/bid/95629 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2016-6467
https://notcve.org/view.php?id=CVE-2016-6467
14 Dec 2016 — A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203. Una vulnerabilidad en el reensamblaje... • http://www.securityfocus.com/bid/94772 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2016-9203
https://notcve.org/view.php?id=CVE-2016-9203
14 Dec 2016 — A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. More Information: CSCvb38398. Known Affected Releases: 20.2.3 20.2.3.65026. Known Fixed Releases: 21.1.M0.65431 21.1.PP0.65733 21.1.R0.65467 21.1.R0.65496 21.1.VC0.65434 21.1.VC0.65489 21.2.A0.65437. Una vulnerabilidad en la característica Internet Key Exchange Version 2 (IKEv2) de Cisco ASR 5000 Series Software po... • http://www.securityfocus.com/bid/94790 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-6466
https://notcve.org/view.php?id=CVE-2016-6466
19 Nov 2016 — A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Kno... • http://www.securityfocus.com/bid/94361 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2016-6455
https://notcve.org/view.php?id=CVE-2016-6455
03 Nov 2016 — A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service (DoS) condition. This vulnerability affects Cisco ASR 5500 devices with Data Processing Card 2 (DPC2) running StarOS 18.0 or later. More Information: CSCvb12081. Known Affected Releases: 18.7.4 19.5.0 20.0.2.64048 20.2.3 21.0.0. Known Fixed Releas... • http://www.securityfocus.com/bid/94071 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2016-1452
https://notcve.org/view.php?id=CVE-2016-1452
15 Jul 2016 — Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. Dispositivos Cisco ASR 5000 con software 18.3 hasta la versión 20.0.0 permiten a atacantes remotos realizar cambios de configuración sobre SNMP aprovechando los conocimientos de la comunidad de lectura y escritura, también conocido como Bug ID CSCuz29526. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-asr • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •
CVSS: 7.5EPSS: 1%CPEs: 22EXPL: 0CVE-2016-1436
https://notcve.org/view.php?id=CVE-2016-1436
23 Jun 2016 — The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted GTPv1 packet, aka Bug ID CSCuz46198. La implementación General Packet Radio Switching Tunneling Protocol 1 (también conocido como GTPv1) en dispositivos Cisco ASR 5000 Packet Data Network Gateway en versiones anteriores a 19.4 permite a atacantes remotos causar ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160621-asr • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2016-1335
https://notcve.org/view.php?id=CVE-2016-1335
19 Feb 2016 — The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492. La implementación de SSH en Cisco StarOS en versiones anteriores a 19.3.M0.62771 y 20.x en versiones anteriores a 20.0.M0.62768 en dispositivos ASR 5... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-asr • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6382
https://notcve.org/view.php?id=CVE-2015-6382
26 Nov 2015 — Cisco ASR 5000 devices with software 16.0(900) allow remote attackers to cause a denial of service (telnetd process restart) via a TELNET connection, aka Bug ID CSCuv25815. Dispositivos Cisco ASR 5000 con software 16.0(900) permiten a atacantes remotos provocar una denegación de servicio (reinicio de proceso telnetd) a través de una conexión TELNET, también conocido como Bug ID CSCuv25815. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-asr5000 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2015-6351
https://notcve.org/view.php?id=CVE-2015-6351
30 Oct 2015 — Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19.2.0 allow remote attackers to cause a denial of service (BGP process restart) via a crafted header in a BGP packet, aka Bug ID CSCuw65781. Los dispositivos Cisco ASR 5500 System Architecture Evolution (SAE) Gateway con software 19.1.0.61559 y 19.2.0 permiten a atacantes remotos provocar una denegación de servicio (reinicio de proceso BGP) a través de una cabecera manipulada en un paquete BGP, también conocid... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151028-asr • CWE-20: Improper Input Validation •