CVSS: 9.0EPSS: 0%CPEs: 24EXPL: 0CVE-2017-3819
https://notcve.org/view.php?id=CVE-2017-3819
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. • http://www.securityfocus.com/bid/96913 http://www.securitytracker.com/id/1038050 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr • CWE-264: Permissions, Privileges, and Access Controls CWE-306: Missing Authentication for Critical Function •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2016-9216
https://notcve.org/view.php?id=CVE-2016-9216
An IKE Packet Parsing Denial of Service Vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an unauthenticated, remote attacker to cause the ipsecmgr process to reload. More Information: CSCuy06917 CSCuy45036 CSCuy59525. Known Affected Releases: 20.0.0 20.0.M0.62842 20.0.v0 20.0.M0.63229 20.1.0 20.1.a0 20.1.v0 21.0.0 21.0.v0. Known Fixed Releases: 20.0.0 20.0.0.63250 20.0.M0.63148 20.0.R0.63294 20.0.R0.63316 20.0.V0.63170 20.0.VG0.63188 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.A0.63166 20.2.A0.63174 20.1.A0.63232 20.2.A0.63237 20.0.M0.63226 20.0.M0.63229 20.0.R0.63294 20.0.R0.63316 20.0.V0.63263 20.0.VG0.63233 20.0.v0 20.0.v0.64175 20.0.vg0.63522 20.1.0 20.1.0.63959 20.1.M0.63876 20.1.T0.63886 20.1.V0.64231 20.1.VA0.64194 20.1.VB0.64210 20.1.a0 20.1.a0.64023 20.1.v0 20.1.v0.64607 20.2.A0.63895 21.0.0 21.0.0.65256 21.0.M0.63881 21.0.M0.64281 21.0.PP0.64366 21.0.V0.65052 21.0.v0 21.0.v0.65831 21.0.vb0.65887 21.1.R0.65130 21.1.R0.65135. Una vulnerabilidad de denegación de servicio del análisis de paquetes IKE en el proceso ipsecmgr del software Cisco ASR 5000 podría permitir a un atacante remoto no autenticado provocar que el proceso ipsecmgr se recargue. • http://www.securityfocus.com/bid/95629 http://www.securitytracker.com/id/1037652 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-asr • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-6467
https://notcve.org/view.php?id=CVE-2016-6467
A vulnerability in IPv6 packet fragment reassembly of StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Switch could allow an unauthenticated, remote attacker to cause an unexpected reload of the Network Processing Unit (NPU) process. More Information: CSCva84552. Known Affected Releases: 20.0.0 21.0.0 21.0.M0.64702. Known Fixed Releases: 21.0.0 21.0.0.65256 21.0.M0.64970 21.0.V0.65150 21.1.A0.64973 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.VC0.65203. Una vulnerabilidad en el reensamblaje de fragmentos de paquetes IPv6 de StarOS para Cisco Aggregation Services Router (ASR) 5000 Series Switch puede permitir a un atacante remoto no autenticado provocar un reinicio inesperado del proceso Network Processing Unit (NPU). • http://www.securityfocus.com/bid/94772 http://www.securitytracker.com/id/1037416 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asr • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9203
https://notcve.org/view.php?id=CVE-2016-9203
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco ASR 5000 Series Software could allow an unauthenticated, remote attacker to cause a reload of the ipsecmgr process. More Information: CSCvb38398. Known Affected Releases: 20.2.3 20.2.3.65026. Known Fixed Releases: 21.1.M0.65431 21.1.PP0.65733 21.1.R0.65467 21.1.R0.65496 21.1.VC0.65434 21.1.VC0.65489 21.2.A0.65437. Una vulnerabilidad en la característica Internet Key Exchange Version 2 (IKEv2) de Cisco ASR 5000 Series Software podría permitir a un atacante remoto no autenticado provocar el reinicio del proceso ipsecmgr. • http://www.securityfocus.com/bid/94790 http://www.securitytracker.com/id/1037413 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-asr1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-6466
https://notcve.org/view.php?id=CVE-2016-6466
A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147. • http://www.securityfocus.com/bid/94361 http://www.securitytracker.com/id/1037308 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr • CWE-399: Resource Management Errors •