CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9203
https://notcve.org/view.php?id=CVE-2016-9203
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. More Information: CSCvb38398. Known Affected Releases: 20.2.3 20.2.3.65026. Known Fixed Releases: 21.1.M0.65431 21.1.PP0.65733 21.1.R0.65467 21.1.R0.65496 21.1.VC0.65434 21.1.VC0.65489 21.2.A0.65437. Una vulnerabilidad en la característica Internet Key Exchange Version 2 (IKEv2) de Cisco ASR 5000 Series Software podría permitir a un atacante remoto no autenticado provocar el reinicio del proceso ipsecmgr. • http://www.securityfocus.com/bid/94790 http://www.securitytracker.com/id/1037413 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asr1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-6467
https://notcve.org/view.php?id=CVE-2016-6467
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203. Una vulnerabilidad en el reensamblaje de fragmentos de paquetes IPv6 de StarOS para Cisco Aggregation Services Router (ASR) 5000 Series Switch puede permitir a un atacante remoto no autenticado provocar un reinicio inesperado del proceso Network Processing Unit (NPU). • http://www.securityfocus.com/bid/94772 http://www.securitytracker.com/id/1037416 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asr • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-6466
https://notcve.org/view.php?id=CVE-2016-6466
A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147. • http://www.securityfocus.com/bid/94361 http://www.securitytracker.com/id/1037308 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2016-6455
https://notcve.org/view.php?id=CVE-2016-6455
A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service (DoS) condition. This vulnerability affects Cisco ASR 5500 devices with Data Processing Card 2 (DPC2) running StarOS 18.0 or later. More Information: CSCvb12081. Known Affected Releases: 18.7.4 19.5.0 20.0.2.64048 20.2.3 21.0.0. Known Fixed Releases: 18.7.4 18.7.4.65030 18.8.M0.65044 19.5.0 19.5.0.65092 19.5.M0.65023 19.5.M0.65050 20.2.3 20.2.3.64982 20.2.3.65017 20.2.a4.65307 20.3.M0.64984 20.3.M0.65029 20.3.M0.65037 20.3.M0.65071 20.3.T0.64985 20.3.T0.65031 20.3.T0.65043 20.3.T0.65067 21.0.0 21.0.0.65256 21.0.M0.64922 21.0.M0.64983 21.0.M0.65140 21.0.V0.65150 21.1.A0.64932 21.1.A0.64987 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.65203 21.2.A0.65147. • http://www.securityfocus.com/bid/94071 http://www.securitytracker.com/id/1037186 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-asr • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2016-1452
https://notcve.org/view.php?id=CVE-2016-1452
Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. Dispositivos Cisco ASR 5000 con software 18.3 hasta la versión 20.0.0 permiten a atacantes remotos realizar cambios de configuración sobre SNMP aprovechando los conocimientos de la comunidad de lectura y escritura, también conocido como Bug ID CSCuz29526. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-asr http://www.securityfocus.com/bid/91756 http://www.securitytracker.com/id/1036298 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •