CVE-2021-1540 – Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1540
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el proceso de autorización de Cisco ASR 5000 Series Software (StarOS), podría permitir a un atacante remoto autenticado omitir la autorización y ejecutar un subconjunto de comandos de CLI en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n • CWE-863: Incorrect Authorization •
CVE-2021-1539 – Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1539
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el proceso de autorización de Cisco ASR 5000 Series Software (StarOS), podría permitir a un atacante remoto autenticado omitir la autorización y ejecutar un subconjunto de comandos de CLI en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n • CWE-863: Incorrect Authorization •
CVE-2021-1353 – Cisco StarOS IPv4 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1353
A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device. Una vulnerabilidad en el manejo del protocolo IPv4 de Cisco StarOS, podría permitir a un atacante no autenticado remoto causar una condición de denegación de servicio (DoS) en un dispositivo afectado. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2020-3500 – Cisco StarOS IPv6 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3500
A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-6678
https://notcve.org/view.php?id=CVE-2017-6678
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending crafted UDP packets to the distributed instance (DI) network addresses of both CF instances on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability can be exploited via IPv4 traffic only. • http://www.securityfocus.com/bid/99195 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc • CWE-399: Resource Management Errors CWE-755: Improper Handling of Exceptional Conditions •