CVE-2021-1540
Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
Severity Score
7.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Múltiples vulnerabilidades en el proceso de autorización de Cisco ASR 5000 Series Software (StarOS), podría permitir a un atacante remoto autenticado omitir la autorización y ejecutar un subconjunto de comandos de CLI en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-11-13 CVE Reserved
- 2021-06-04 CVE Published
- 2023-08-27 EPSS Updated
- 2024-11-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-863: Incorrect Authorization
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | < 21.16.9 Search vendor "Cisco" for product "Staros" and version " < 21.16.9" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | < 21.16.9 Search vendor "Cisco" for product "Staros" and version " < 21.16.9" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5500 Search vendor "Cisco" for product "Asr 5500" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | < 21.16.9 Search vendor "Cisco" for product "Staros" and version " < 21.16.9" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5700 Search vendor "Cisco" for product "Asr 5700" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.17.0 < 21.17.10 Search vendor "Cisco" for product "Staros" and version " >= 21.17.0 < 21.17.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.17.0 < 21.17.10 Search vendor "Cisco" for product "Staros" and version " >= 21.17.0 < 21.17.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5500 Search vendor "Cisco" for product "Asr 5500" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.17.0 < 21.17.10 Search vendor "Cisco" for product "Staros" and version " >= 21.17.0 < 21.17.10" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5700 Search vendor "Cisco" for product "Asr 5700" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.18.0 < 21.18.16 Search vendor "Cisco" for product "Staros" and version " >= 21.18.0 < 21.18.16" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.18.0 < 21.18.16 Search vendor "Cisco" for product "Staros" and version " >= 21.18.0 < 21.18.16" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5500 Search vendor "Cisco" for product "Asr 5500" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.18.0 < 21.18.16 Search vendor "Cisco" for product "Staros" and version " >= 21.18.0 < 21.18.16" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5700 Search vendor "Cisco" for product "Asr 5700" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.19.0 < 21.19.11 Search vendor "Cisco" for product "Staros" and version " >= 21.19.0 < 21.19.11" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.19.0 < 21.19.11 Search vendor "Cisco" for product "Staros" and version " >= 21.19.0 < 21.19.11" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5500 Search vendor "Cisco" for product "Asr 5500" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.19.0 < 21.19.11 Search vendor "Cisco" for product "Staros" and version " >= 21.19.0 < 21.19.11" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5700 Search vendor "Cisco" for product "Asr 5700" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.19.n < 21.19.n7 Search vendor "Cisco" for product "Staros" and version " >= 21.19.n < 21.19.n7" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.19.n < 21.19.n7 Search vendor "Cisco" for product "Staros" and version " >= 21.19.n < 21.19.n7" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5500 Search vendor "Cisco" for product "Asr 5500" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.19.n < 21.19.n7 Search vendor "Cisco" for product "Staros" and version " >= 21.19.n < 21.19.n7" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5700 Search vendor "Cisco" for product "Asr 5700" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.20.0 < 21.20.8 Search vendor "Cisco" for product "Staros" and version " >= 21.20.0 < 21.20.8" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5000 Search vendor "Cisco" for product "Asr 5000" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.20.0 < 21.20.8 Search vendor "Cisco" for product "Staros" and version " >= 21.20.0 < 21.20.8" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5500 Search vendor "Cisco" for product "Asr 5500" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Staros Search vendor "Cisco" for product "Staros" | >= 21.20.0 < 21.20.8 Search vendor "Cisco" for product "Staros" and version " >= 21.20.0 < 21.20.8" | - |
Affected
| in | Cisco Search vendor "Cisco" | Asr 5700 Search vendor "Cisco" for product "Asr 5700" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Virtualized Packet Core Search vendor "Cisco" for product "Virtualized Packet Core" | - | - |
Affected
|