CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4244
https://notcve.org/view.php?id=CVE-2015-4244
The boot implementation on Cisco ASR 5000 and 5500 devices with software 14.0 allows local users to execute arbitrary Linux commands by leveraging administrative privileges for storage of these commands in a Compact Flash (CF) file, aka Bug ID CSCuu75278. La ejecución del arranque en dispositivos Cisco ASR 5000 y 5500 con versión de software 14.0 permite a usuarios locales ejecutar arbitrariamente comandos Linux al aprovechar privilegios de administrador y guardar dichos comandos en un dispositivo Compact Flash (CF), también conocido como Bug ID CSCuu75278. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39677 http://www.securitytracker.com/id/1032839 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-4201
https://notcve.org/view.php?id=CVE-2015-4201
The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices with software 17.2.0.59184 and 18.0.L0.59219 allows remote attackers to cause a denial of service (Session Manager restart) via an invalid TCP/IP header, aka Bug ID CSCut68058. El componente Gateway General Packet Radio Service Support Node (GGSN) en los dispositivos Cisco ASR 5000 con software 17.2.0.59184 y 18.0.L0.59219 permite a atacantes remotos causar una denegación de servicio (reinicio de Session Manager) a través de una cabecera TCP/IP inválida, también conocido como Bug ID CSCut68058. • http://tools.cisco.com/security/center/viewAlert.x?alertId=39431 http://www.securityfocus.com/bid/75323 http://www.securitytracker.com/id/1032677 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0617
https://notcve.org/view.php?id=CVE-2015-0617
Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices allow remote attackers to cause a denial of service (CPU consumption and SNMP outage) via malformed SNMP packets, aka Bug ID CSCur13393. Los dispositivos Cisco ASR 5500 System Architecture Evolution (SAE) Gateway permiten a atacantes remotos causar una denegación de servicio (consumo de CPU e interrupción de SNMP) a través de paquetes SNMP malformados, también conocido como Bug ID CSCur13393. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0617 http://www.securitytracker.com/id/1031754 https://exchange.xforce.ibmcloud.com/vulnerabilities/100923 • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 2%CPEs: 10EXPL: 0CVE-2014-3331
https://notcve.org/view.php?id=CVE-2014-3331
The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914. El componente Session Manager en Packet Data Network Gateway (también conocido como PGW) en Cisco ASR serie 5000 Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x hasta 16.1.2, y 17.0 permite a atacantes remotos causar una denegación de servicio (caída del proceso) a través de un paquete TCP manipulado, también conocido como Bug ID CSCuo21914. • http://secunia.com/advisories/60706 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331 http://tools.cisco.com/security/center/viewAlert.x?alertId=35346 http://www.securityfocus.com/bid/69281 http://www.securitytracker.com/id/1030747 https://exchange.xforce.ibmcloud.com/vulnerabilities/95357 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0669
https://notcve.org/view.php?id=CVE-2014-0669
The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions via unspecified WSP packets, aka Bug ID CSCuh28371. La característica Wireless Session Protocol (WSP) en el componente Gateway GPRS Support Node (GGSN) en dispositivos Cisco ASR 5000 series permite a atacantes evadir restricciones intencionadas de pago Top-Up a través de paquetes WSP sin especificar, también conocido como Bug ID CSCuh28371. • http://osvdb.org/102318 http://secunia.com/advisories/56546 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0669 http://tools.cisco.com/security/center/viewAlert.x?alertId=32513 http://www.securityfocus.com/bid/65052 http://www.securitytracker.com/id/1029666 https://exchange.xforce.ibmcloud.com/vulnerabilities/90614 • CWE-264: Permissions, Privileges, and Access Controls •