CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2016-1335
https://notcve.org/view.php?id=CVE-2016-1335
19 Feb 2016 — The SSH implementation in Cisco StarOS before 19.3.M0.62771 and 20.x before 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpoint that was previously used for an administrator's connection, aka Bug ID CSCux22492. La implementación de SSH en Cisco StarOS en versiones anteriores a 19.3.M0.62771 y 20.x en versiones anteriores a 20.0.M0.62768 en dispositivos ASR 5... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-asr • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2014-3331
https://notcve.org/view.php?id=CVE-2014-3331
20 Aug 2014 — The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914. El componente Session Manager en Packet Data Network Gateway (también conocido como PGW) en Cisco ASR serie 5000 Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x hasta 16.1.2, y 17.0 permite a atacantes remotos causar una ... • http://secunia.com/advisories/60706 • CWE-20: Improper Input Validation •