CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2020-3244 – Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3244
18 Jun 2020 — A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the tra... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-16026 – Cisco Mobility Management Entity Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-16026
26 Jan 2020 — A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos • CWE-20: Improper Input Validation •
CVSS: 8.6EPSS: 0%CPEs: 10EXPL: 0CVE-2019-1869 – Cisco StarOS Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2019-1869
20 Jun 2019 — A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could al... • http://www.securityfocus.com/bid/108853 • CWE-824: Access of Uninitialized Pointer •