All the vulnerabilities related to Cisco - Cisco ASR 5000 Series Software
cve-2019-16026
Vulnerability from cvelistv5
Published
2020-01-26 04:45
Modified
2024-11-15 17:44
Severity
6.8 (MEDIUM) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
Cisco Mobility Management Entity Denial of Service Vulnerability
References
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product |
|---|---|
| Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T01:03:32.668Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-16026", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-15T16:29:46.226838Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-15T17:44:37.291Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "lessThan": "n/a", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2020-01-08T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition." 
} ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-01-26T04:45:20", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos" } ], "source": { "advisory": "cisco-sa-20200108-mme-dos", "defect": [ [ "CSCvs01456" ] ], "discovery": "INTERNAL" }, "title": "Cisco Mobility Management Entity Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-01-08T16:00:00-0800", "ID": "CVE-2019-16026", "STATE": "PUBLIC", "TITLE": "Cisco Mobility Management Entity Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the 
implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "6.8", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20" } ] } ] }, "references": { "reference_data": [ { "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos" } ] }, "source": { "advisory": "cisco-sa-20200108-mme-dos", "defect": [ [ "CSCvs01456" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-16026", "datePublished": "2020-01-26T04:45:20.821598Z", "dateReserved": "2019-09-06T00:00:00", "dateUpdated": "2024-11-15T17:44:37.291Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3244
Vulnerability from cvelistv5
Published
2020-06-18 02:21
Modified
2024-11-15 16:59
Severity
5.3 (MEDIUM) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability
References
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product |
|---|---|
| Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:30:58.066Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3244", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-15T16:21:07.157305Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-15T16:59:30.320Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2020-06-17T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption." 
} ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-06-18T02:21:23", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL" } ], "source": { "advisory": "cisco-sa-asr5k-ecs-bypass-2LqfPCL", "defect": [ [ "CSCvs83392" ] ], "discovery": "INTERNAL" }, "title": "Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-06-17T16:00:00", "ID": "CVE-2020-3244", "STATE": "PUBLIC", "TITLE": "Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { 
"description_data": [ { "lang": "eng", "value": "A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "5.3", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20" } ] } ] }, "references": { "reference_data": [ { "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL" } ] }, "source": { "advisory": "cisco-sa-asr5k-ecs-bypass-2LqfPCL", "defect": [ [ "CSCvs83392" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3244", "datePublished": "2020-06-18T02:21:23.181506Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-15T16:59:30.320Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3602
Vulnerability from cvelistv5
Published
2020-10-08 04:21
Modified
2024-11-13 17:51
Severity
6.3 (MEDIUM) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
Summary
Cisco StarOS Privilege Escalation Vulnerability
References
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product |
|---|---|
| Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:37:55.605Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3602", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T17:22:52.999652Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T17:51:28.096Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2020-10-07T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command." 
} ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-10-08T04:21:09", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd" } ], "source": { "advisory": "cisco-sa-staros-privilege-esc-pyb7YTd", "defect": [ [ "CSCvv34222" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS Privilege Escalation Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-10-07T16:00:00", "ID": "CVE-2020-3602", "STATE": "PUBLIC", "TITLE": "Cisco StarOS Privilege Escalation Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an 
authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "6.3", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20" } ] } ] }, "references": { "reference_data": [ { "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd" } ] }, "source": { "advisory": "cisco-sa-staros-privilege-esc-pyb7YTd", "defect": [ [ "CSCvv34222" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3602", "datePublished": "2020-10-08T04:21:09.915700Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-13T17:51:28.096Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1378
Vulnerability from cvelistv5
Published
2021-02-17 16:55
Modified
2024-11-08 23:41
Severity
5.3 (MEDIUM) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Cisco StarOS Denial of Service Vulnerability
References
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product |
|---|---|
| Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:17.008Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210217 Cisco StarOS Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1378", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:04:08.237238Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-08T23:41:07.900Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-02-17T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-02-17T16:55:22", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210217 Cisco StarOS Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj" } ], "source": { "advisory": "cisco-sa-StarOS-DoS-RLLvGFJj", "defect": [ [ "CSCvu59686" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-02-17T16:00:00", "ID": "CVE-2021-1378", "STATE": "PUBLIC", "TITLE": "Cisco StarOS Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. 
An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "5.3", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400" } ] } ] }, "references": { "reference_data": [ { "name": "20210217 Cisco StarOS Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj" } ] }, "source": { "advisory": "cisco-sa-StarOS-DoS-RLLvGFJj", "defect": [ [ "CSCvu59686" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1378", "datePublished": "2021-02-17T16:55:22.801805Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-08T23:41:07.900Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20046
Vulnerability from cvelistv5
Published
2023-05-09 13:06
Modified
2024-08-02 08:57
Summary
A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.
There are workarounds that address this vulnerability.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:57:35.853Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "cisco-sa-staros-ssh-privesc-BmWeJC3h", "tags": [ "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "21.11.0" }, { "status": "affected", "version": "21.11.1" }, { "status": "affected", "version": "21.11.2" }, { "status": "affected", "version": "21.11.3" }, { "status": "affected", "version": "21.11.10" }, { "status": "affected", "version": "21.11.11" }, { "status": "affected", "version": "21.11.12" }, { "status": "affected", "version": "21.11.13" }, { "status": "affected", "version": "21.11.14" }, { "status": "affected", "version": "21.11.4" }, { "status": "affected", "version": "21.11.5" }, { "status": "affected", "version": "21.11.6" }, { "status": "affected", "version": "21.11.7" }, { "status": "affected", "version": "21.11.8" }, { "status": "affected", "version": "21.11.9" }, { "status": "affected", "version": "21.11.15" }, { "status": "affected", "version": "21.11.16" }, { "status": "affected", "version": "21.11.17" }, { "status": "affected", "version": "21.11.18" }, { "status": "affected", "version": "21.11.19" }, { "status": "affected", "version": "21.11.20" }, { "status": "affected", "version": "21.11.21" }, { "status": "affected", "version": "21.12.0" }, { "status": "affected", "version": "21.12.1" }, { "status": "affected", "version": "21.12.2" }, { "status": "affected", "version": "21.12.3" }, { "status": "affected", "version": "21.12.4" }, { "status": "affected", "version": "21.12.5" }, { "status": "affected", "version": "21.12.6" }, { "status": "affected", "version": "21.12.10" }, { "status": 
"affected", "version": "21.12.11" }, { "status": "affected", "version": "21.12.12" }, { "status": "affected", "version": "21.12.13" }, { "status": "affected", "version": "21.12.14" }, { "status": "affected", "version": "21.12.16" }, { "status": "affected", "version": "21.12.17" }, { "status": "affected", "version": "21.12.18" }, { "status": "affected", "version": "21.12.7" }, { "status": "affected", "version": "21.12.8" }, { "status": "affected", "version": "21.12.9" }, { "status": "affected", "version": "21.12.19" }, { "status": "affected", "version": "21.12.20" }, { "status": "affected", "version": "21.12.21" }, { "status": "affected", "version": "21.12.22" }, { "status": "affected", "version": "21.12.15" }, { "status": "affected", "version": "21.13.0" }, { "status": "affected", "version": "21.13.1" }, { "status": "affected", "version": "21.13.2" }, { "status": "affected", "version": "21.13.3" }, { "status": "affected", "version": "21.13.4" }, { "status": "affected", "version": "21.13.10" }, { "status": "affected", "version": "21.13.11" }, { "status": "affected", "version": "21.13.12" }, { "status": "affected", "version": "21.13.13" }, { "status": "affected", "version": "21.13.14" }, { "status": "affected", "version": "21.13.15" }, { "status": "affected", "version": "21.13.16" }, { "status": "affected", "version": "21.13.17" }, { "status": "affected", "version": "21.13.18" }, { "status": "affected", "version": "21.13.19" }, { "status": "affected", "version": "21.13.20" }, { "status": "affected", "version": "21.13.5" }, { "status": "affected", "version": "21.13.6" }, { "status": "affected", "version": "21.13.7" }, { "status": "affected", "version": "21.13.8" }, { "status": "affected", "version": "21.13.9" }, { "status": "affected", "version": "21.13.21" }, { "status": "affected", "version": "21.14.0" }, { "status": "affected", "version": "21.14.1" }, { "status": "affected", "version": "21.14.10" }, { "status": "affected", "version": "21.14.11" }, { "status": 
"affected", "version": "21.14.12" }, { "status": "affected", "version": "21.14.16" }, { "status": "affected", "version": "21.14.17" }, { "status": "affected", "version": "21.14.19" }, { "status": "affected", "version": "21.14.2" }, { "status": "affected", "version": "21.14.20" }, { "status": "affected", "version": "21.14.3" }, { "status": "affected", "version": "21.14.4" }, { "status": "affected", "version": "21.14.5" }, { "status": "affected", "version": "21.14.6" }, { "status": "affected", "version": "21.14.7" }, { "status": "affected", "version": "21.14.8" }, { "status": "affected", "version": "21.14.9" }, { "status": "affected", "version": "21.14.b12" }, { "status": "affected", "version": "21.14.b13" }, { "status": "affected", "version": "21.14.b14" }, { "status": "affected", "version": "21.14.b15" }, { "status": "affected", "version": "21.14.b17" }, { "status": "affected", "version": "21.14.b18" }, { "status": "affected", "version": "21.14.b19" }, { "status": "affected", "version": "21.14.b20" }, { "status": "affected", "version": "21.14.b21" }, { "status": "affected", "version": "21.14.22" }, { "status": "affected", "version": "21.14.b22" }, { "status": "affected", "version": "21.14.23" }, { "status": "affected", "version": "21.15.0" }, { "status": "affected", "version": "21.15.1" }, { "status": "affected", "version": "21.15.10" }, { "status": "affected", "version": "21.15.11" }, { "status": "affected", "version": "21.15.12" }, { "status": "affected", "version": "21.15.13" }, { "status": "affected", "version": "21.15.14" }, { "status": "affected", "version": "21.15.15" }, { "status": "affected", "version": "21.15.16" }, { "status": "affected", "version": "21.15.17" }, { "status": "affected", "version": "21.15.18" }, { "status": "affected", "version": "21.15.19" }, { "status": "affected", "version": "21.15.2" }, { "status": "affected", "version": "21.15.20" }, { "status": "affected", "version": "21.15.21" }, { "status": "affected", "version": "21.15.22" }, { 
"status": "affected", "version": "21.15.24" }, { "status": "affected", "version": "21.15.25" }, { "status": "affected", "version": "21.15.26" }, { "status": "affected", "version": "21.15.27" }, { "status": "affected", "version": "21.15.28" }, { "status": "affected", "version": "21.15.29" }, { "status": "affected", "version": "21.15.3" }, { "status": "affected", "version": "21.15.30" }, { "status": "affected", "version": "21.15.32" }, { "status": "affected", "version": "21.15.33" }, { "status": "affected", "version": "21.15.36" }, { "status": "affected", "version": "21.15.37" }, { "status": "affected", "version": "21.15.39" }, { "status": "affected", "version": "21.15.4" }, { "status": "affected", "version": "21.15.40" }, { "status": "affected", "version": "21.15.41" }, { "status": "affected", "version": "21.15.5" }, { "status": "affected", "version": "21.15.6" }, { "status": "affected", "version": "21.15.7" }, { "status": "affected", "version": "21.15.8" }, { "status": "affected", "version": "21.15.43" }, { "status": "affected", "version": "21.15.45" }, { "status": "affected", "version": "21.15.46" }, { "status": "affected", "version": "21.15.47" }, { "status": "affected", "version": "21.15.48" }, { "status": "affected", "version": "21.15.51" }, { "status": "affected", "version": "21.15.52" }, { "status": "affected", "version": "21.15.53" }, { "status": "affected", "version": "21.15.54" }, { "status": "affected", "version": "21.15.55" }, { "status": "affected", "version": "21.15.57" }, { "status": "affected", "version": "21.15.58" }, { "status": "affected", "version": "21.15.59" }, { "status": "affected", "version": "21.15.60" }, { "status": "affected", "version": "21.16.2" }, { "status": "affected", "version": "21.16.3" }, { "status": "affected", "version": "21.16.4" }, { "status": "affected", "version": "21.16.5" }, { "status": "affected", "version": "21.16.c10" }, { "status": "affected", "version": "21.16.c11" }, { "status": "affected", "version": "21.16.c12" }, 
{ "status": "affected", "version": "21.16.c13" }, { "status": "affected", "version": "21.16.c9" }, { "status": "affected", "version": "21.16.d0" }, { "status": "affected", "version": "21.16.d1" }, { "status": "affected", "version": "21.16.6" }, { "status": "affected", "version": "21.16.c14" }, { "status": "affected", "version": "21.16.7" }, { "status": "affected", "version": "21.16.c15" }, { "status": "affected", "version": "21.16.8" }, { "status": "affected", "version": "21.16.c16" }, { "status": "affected", "version": "21.16.10" }, { "status": "affected", "version": "21.16.9" }, { "status": "affected", "version": "21.16.c17" }, { "status": "affected", "version": "21.16.c18" }, { "status": "affected", "version": "21.16.c19" }, { "status": "affected", "version": "21.17.0" }, { "status": "affected", "version": "21.17.1" }, { "status": "affected", "version": "21.17.2" }, { "status": "affected", "version": "21.17.3" }, { "status": "affected", "version": "21.17.4" }, { "status": "affected", "version": "21.17.5" }, { "status": "affected", "version": "21.17.6" }, { "status": "affected", "version": "21.17.7" }, { "status": "affected", "version": "21.17.8" }, { "status": "affected", "version": "21.17.10" }, { "status": "affected", "version": "21.17.11" }, { "status": "affected", "version": "21.17.9" }, { "status": "affected", "version": "21.17.12" }, { "status": "affected", "version": "21.17.13" }, { "status": "affected", "version": "21.17.14" }, { "status": "affected", "version": "21.17.15" }, { "status": "affected", "version": "21.17.16" }, { "status": "affected", "version": "21.17.17" }, { "status": "affected", "version": "21.17.18" }, { "status": "affected", "version": "21.17.19" }, { "status": "affected", "version": "21.18.0" }, { "status": "affected", "version": "21.18.1" }, { "status": "affected", "version": "21.18.2" }, { "status": "affected", "version": "21.18.3" }, { "status": "affected", "version": "21.18.4" }, { "status": "affected", "version": "21.18.5" }, { 
"status": "affected", "version": "21.18.11" }, { "status": "affected", "version": "21.18.6" }, { "status": "affected", "version": "21.18.7" }, { "status": "affected", "version": "21.18.8" }, { "status": "affected", "version": "21.18.9" }, { "status": "affected", "version": "21.18.12" }, { "status": "affected", "version": "21.18.13" }, { "status": "affected", "version": "21.18.14" }, { "status": "affected", "version": "21.18.15" }, { "status": "affected", "version": "21.18.16" }, { "status": "affected", "version": "21.18.17" }, { "status": "affected", "version": "21.18.18" }, { "status": "affected", "version": "21.18.19" }, { "status": "affected", "version": "21.18.20" }, { "status": "affected", "version": "21.18.21" }, { "status": "affected", "version": "21.18.22" }, { "status": "affected", "version": "21.18.23" }, { "status": "affected", "version": "21.18.24" }, { "status": "affected", "version": "21.18.25" }, { "status": "affected", "version": "21.18.26" }, { "status": "affected", "version": "21.19.0" }, { "status": "affected", "version": "21.19.1" }, { "status": "affected", "version": "21.19.2" }, { "status": "affected", "version": "21.19.3" }, { "status": "affected", "version": "21.19.n2" }, { "status": "affected", "version": "21.19.4" }, { "status": "affected", "version": "21.19.5" }, { "status": "affected", "version": "21.19.n3" }, { "status": "affected", "version": "21.19.n4" }, { "status": "affected", "version": "21.19.6" }, { "status": "affected", "version": "21.19.7" }, { "status": "affected", "version": "21.19.8" }, { "status": "affected", "version": "21.19.n5" }, { "status": "affected", "version": "21.19.10" }, { "status": "affected", "version": "21.19.9" }, { "status": "affected", "version": "21.19.n6" }, { "status": "affected", "version": "21.19.n7" }, { "status": "affected", "version": "21.19.n8" }, { "status": "affected", "version": "21.19.11" }, { "status": "affected", "version": "21.19.n10" }, { "status": "affected", "version": "21.19.n11" }, { 
"status": "affected", "version": "21.19.n12" }, { "status": "affected", "version": "21.19.n13" }, { "status": "affected", "version": "21.19.n14" }, { "status": "affected", "version": "21.19.n15" }, { "status": "affected", "version": "21.19.n16" }, { "status": "affected", "version": "21.19.n9" }, { "status": "affected", "version": "21.19.n17" }, { "status": "affected", "version": "21.19.n18" }, { "status": "affected", "version": "21.20.0" }, { "status": "affected", "version": "21.20.1" }, { "status": "affected", "version": "21.20.SV1" }, { "status": "affected", "version": "21.20.SV3" }, { "status": "affected", "version": "21.20.SV5" }, { "status": "affected", "version": "21.20.2" }, { "status": "affected", "version": "21.20.3" }, { "status": "affected", "version": "21.20.4" }, { "status": "affected", "version": "21.20.5" }, { "status": "affected", "version": "21.20.6" }, { "status": "affected", "version": "21.20.7" }, { "status": "affected", "version": "21.20.8" }, { "status": "affected", "version": "21.20.9" }, { "status": "affected", "version": "21.20.k6" }, { "status": "affected", "version": "21.20.10" }, { "status": "affected", "version": "21.20.11" }, { "status": "affected", "version": "21.20.k7" }, { "status": "affected", "version": "21.20.u8" }, { "status": "affected", "version": "21.20.12" }, { "status": "affected", "version": "21.20.13" }, { "status": "affected", "version": "21.20.14" }, { "status": "affected", "version": "21.20.k8" }, { "status": "affected", "version": "21.20.p9" }, { "status": "affected", "version": "21.20.15" }, { "status": "affected", "version": "21.20.16" }, { "status": "affected", "version": "21.20.17" }, { "status": "affected", "version": "21.20.18" }, { "status": "affected", "version": "21.20.19" }, { "status": "affected", "version": "21.20.20" }, { "status": "affected", "version": "21.20.21" }, { "status": "affected", "version": "21.20.22" }, { "status": "affected", "version": "21.20.23" }, { "status": "affected", "version": 
"21.20.24" }, { "status": "affected", "version": "21.20.25" }, { "status": "affected", "version": "21.20.26" }, { "status": "affected", "version": "21.20.28" }, { "status": "affected", "version": "21.20.29" }, { "status": "affected", "version": "21.20.30" }, { "status": "affected", "version": "21.20.c22" }, { "status": "affected", "version": "21.20.31" }, { "status": "affected", "version": "21.20.32" }, { "status": "affected", "version": "21.20.33" }, { "status": "affected", "version": "21.20.34" }, { "status": "affected", "version": "21.20.35" }, { "status": "affected", "version": "21.20.27" }, { "status": "affected", "version": "21.20.SV2" }, { "status": "affected", "version": "21.21.0" }, { "status": "affected", "version": "21.21.1" }, { "status": "affected", "version": "21.21.2" }, { "status": "affected", "version": "21.21.3" }, { "status": "affected", "version": "21.21.KS2" }, { "status": "affected", "version": "21.22.0" }, { "status": "affected", "version": "21.22.n2" }, { "status": "affected", "version": "21.22.n3" }, { "status": "affected", "version": "21.22.3" }, { "status": "affected", "version": "21.22.4" }, { "status": "affected", "version": "21.22.5" }, { "status": "affected", "version": "21.22.uj3" }, { "status": "affected", "version": "21.22.11" }, { "status": "affected", "version": "21.22.6" }, { "status": "affected", "version": "21.22.7" }, { "status": "affected", "version": "21.22.8" }, { "status": "affected", "version": "21.22.n4" }, { "status": "affected", "version": "21.22.n5" }, { "status": "affected", "version": "21.22.ua0" }, { "status": "affected", "version": "21.22.ua2" }, { "status": "affected", "version": "21.22.ua3" }, { "status": "affected", "version": "21.22.ua5" }, { "status": "affected", "version": "21.22.12" }, { "status": "affected", "version": "21.22.13" }, { "status": "affected", "version": "21.22.n10" }, { "status": "affected", "version": "21.22.n11" }, { "status": "affected", "version": "21.22.n12" }, { "status": "affected", 
"version": "21.22.n6" }, { "status": "affected", "version": "21.22.n7" }, { "status": "affected", "version": "21.22.n8" }, { "status": "affected", "version": "21.22.n9" }, { "status": "affected", "version": "21.22.n13" }, { "status": "affected", "version": "21.23.0" }, { "status": "affected", "version": "21.23.1" }, { "status": "affected", "version": "21.23.10" }, { "status": "affected", "version": "21.23.11" }, { "status": "affected", "version": "21.23.12" }, { "status": "affected", "version": "21.23.13" }, { "status": "affected", "version": "21.23.14" }, { "status": "affected", "version": "21.23.15" }, { "status": "affected", "version": "21.23.16" }, { "status": "affected", "version": "21.23.17" }, { "status": "affected", "version": "21.23.2" }, { "status": "affected", "version": "21.23.3" }, { "status": "affected", "version": "21.23.4" }, { "status": "affected", "version": "21.23.5" }, { "status": "affected", "version": "21.23.6" }, { "status": "affected", "version": "21.23.7" }, { "status": "affected", "version": "21.23.8" }, { "status": "affected", "version": "21.23.9" }, { "status": "affected", "version": "21.23.b2" }, { "status": "affected", "version": "21.23.b3" }, { "status": "affected", "version": "21.23.c16" }, { "status": "affected", "version": "21.23.c17" }, { "status": "affected", "version": "21.23.n6" }, { "status": "affected", "version": "21.23.n7" }, { "status": "affected", "version": "21.23.n9" }, { "status": "affected", "version": "21.23.18" }, { "status": "affected", "version": "21.23.19" }, { "status": "affected", "version": "21.23.21" }, { "status": "affected", "version": "21.23.22" }, { "status": "affected", "version": "21.23.23" }, { "status": "affected", "version": "21.23.24" }, { "status": "affected", "version": "21.23.25" }, { "status": "affected", "version": "21.23.26" }, { "status": "affected", "version": "21.23.27" }, { "status": "affected", "version": "21.23.29" }, { "status": "affected", "version": "21.23.30" }, { "status": 
"affected", "version": "21.23.c18" }, { "status": "affected", "version": "21.23.n10" }, { "status": "affected", "version": "21.23.n11" }, { "status": "affected", "version": "21.23.n8" }, { "status": "affected", "version": "21.23.yn14" }, { "status": "affected", "version": "21.24.0" }, { "status": "affected", "version": "21.24.1" }, { "status": "affected", "version": "21.24.2" }, { "status": "affected", "version": "21.24.3" }, { "status": "affected", "version": "21.25.0" }, { "status": "affected", "version": "21.25.3" }, { "status": "affected", "version": "21.25.4" }, { "status": "affected", "version": "21.25.5" }, { "status": "affected", "version": "21.25.10" }, { "status": "affected", "version": "21.25.11" }, { "status": "affected", "version": "21.25.12" }, { "status": "affected", "version": "21.25.13" }, { "status": "affected", "version": "21.25.14" }, { "status": "affected", "version": "21.25.6" }, { "status": "affected", "version": "21.25.7" }, { "status": "affected", "version": "21.25.8" }, { "status": "affected", "version": "21.25.9" }, { "status": "affected", "version": "21.26.0" }, { "status": "affected", "version": "21.26.1" }, { "status": "affected", "version": "21.26.10" }, { "status": "affected", "version": "21.26.13" }, { "status": "affected", "version": "21.26.14" }, { "status": "affected", "version": "21.26.15" }, { "status": "affected", "version": "21.26.3" }, { "status": "affected", "version": "21.26.5" }, { "status": "affected", "version": "21.26.6" }, { "status": "affected", "version": "21.26.7" }, { "status": "affected", "version": "21.26.17" }, { "status": "affected", "version": "21.27.0" }, { "status": "affected", "version": "21.27.1" }, { "status": "affected", "version": "21.27.2" }, { "status": "affected", "version": "21.27.3" }, { "status": "affected", "version": "21.27.4" }, { "status": "affected", "version": "21.27.5" }, { "status": "affected", "version": "21.27.m0" }, { "status": "affected", "version": "21.28.0" }, { "status": 
"affected", "version": "21.28.1" }, { "status": "affected", "version": "21.28.2" }, { "status": "affected", "version": "21.28.m0" }, { "status": "affected", "version": "21.28.m1" }, { "status": "affected", "version": "21.28.m2" }, { "status": "affected", "version": "21.28.m3" } ] }, { "product": "Cisco Ultra Cloud Core - User Plane Function", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "N/A" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.\r\n\r There are workarounds that address this vulnerability." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-289", "description": "Authentication Bypass by Alternate Name", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-01-25T16:57:38.039Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-staros-ssh-privesc-BmWeJC3h", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h" } ], "source": { "advisory": "cisco-sa-staros-ssh-privesc-BmWeJC3h", "defects": [ "CSCwd89468" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20046", "datePublished": "2023-05-09T13:06:10.748Z", "dateReserved": "2022-10-27T18:47:50.317Z", "dateUpdated": "2024-08-02T08:57:35.853Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1540
Vulnerability from cvelistv5
Published
2021-06-04 16:46
Modified
2024-11-07 22:09
Summary
Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
References
URL | Tags |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n | vendor-advisory, x_refsource_CISCO |
Impacted products
Vendor | Product |
---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:17.717Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1540", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-07T21:41:42.298517Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T22:09:20.180Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-06-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-04T16:46:02", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n" } ], "source": { "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n", "defect": [ [ "CSCvu85001", "CSCvv33622" ] ], "discovery": "INTERNAL" }, "title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-06-02T16:00:00", "ID": "CVE-2021-1540", "STATE": "PUBLIC", "TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. 
For more information about these vulnerabilities, see the Details section of this advisory." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "impact": { "cvss": { "baseScore": "8.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-863" } ] } ] }, "references": { "reference_data": [ { "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n" } ] }, "source": { "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n", "defect": [ [ "CSCvu85001", "CSCvv33622" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1540", "datePublished": "2021-06-04T16:46:02.739386Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-07T22:09:20.180Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1869
Vulnerability from cvelistv5
Published
2019-06-20 02:55
Modified
2024-11-19 19:05
Summary
Cisco StarOS Denial of Service Vulnerability
References
URL | Tags |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos | vendor-advisory, x_refsource_CISCO |
http://www.securityfocus.com/bid/108853 | vdb-entry, x_refsource_BID |
Impacted products
Vendor | Product |
---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:28:42.866Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20190619 Cisco StarOS Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos" }, { "name": "108853", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/108853" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2019-1869", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-19T17:24:03.377833Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-19T19:05:58.503Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "lessThan": "21.11.1", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2019-06-19T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. 
A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_0": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-824", "description": "CWE-824", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2019-06-21T09:06:07", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20190619 Cisco StarOS Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos" }, { "name": "108853", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/108853" } ], "source": { "advisory": "cisco-sa-20190619-staros-asr-dos", "defect": [ [ "CSCvn06757" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-06-19T16:00:00-0700", "ID": "CVE-2019-1869", "STATE": "PUBLIC", "TITLE": "Cisco StarOS Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 
5000 Series Software", "version": { "version_data": [ { "affected": "\u003c", "version_affected": "\u003c", "version_value": "21.11.1" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "impact": { "cvss": { "baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-824" } ] } ] }, "references": { "reference_data": [ { "name": "20190619 Cisco StarOS Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos" }, { "name": "108853", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108853" } ] }, "source": { "advisory": "cisco-sa-20190619-staros-asr-dos", "defect": [ [ "CSCvn06757" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1869", "datePublished": "2019-06-20T02:55:15.750798Z", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:05:58.503Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1145
Vulnerability from cvelistv5
Published
2021-01-13 21:45
Modified
2024-11-12 20:40
Summary
Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability
References
URL | Tags |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey | vendor-advisory, x_refsource_CISCO |
Impacted products
Vendor | Product |
---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:02:55.422Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1145", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:53:11.748770Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-12T20:40:11.365Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-01-13T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-61", "description": "CWE-61", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-13T21:45:36", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey" } ], "source": { "advisory": "cisco-sa-staros-file-read-L3RDvtey", "defect": [ [ "CSCvv34230" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-01-13T16:00:00", "ID": "CVE-2021-1145", "STATE": "PUBLIC", "TITLE": "Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. 
To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "6.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-61" } ] } ] }, "references": { "reference_data": [ { "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey" } ] }, "source": { "advisory": "cisco-sa-staros-file-read-L3RDvtey", "defect": [ [ "CSCvv34230" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1145", "datePublished": "2021-01-13T21:45:36.440370Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-12T20:40:11.365Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3601
Vulnerability from cvelistv5
Published
2020-10-08 04:21
Modified
2024-11-13 17:51
Summary
Cisco StarOS Privilege Escalation Vulnerability
References
URL | Tags |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv | vendor-advisory, x_refsource_CISCO |
Impacted products
Vendor | Product |
---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:37:55.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3601", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T17:22:54.399305Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T17:51:37.027Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2020-10-07T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-10-08T04:21:05", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv" } ], "source": { "advisory": "cisco-sa-staros-priv-esc-gGCUMFxv", "defect": [ [ "CSCvv34214" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS Privilege Escalation Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-10-07T16:00:00", "ID": "CVE-2020-3601", "STATE": "PUBLIC", "TITLE": "Cisco StarOS Privilege Escalation Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. 
A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "4.4", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20" } ] } ] }, "references": { "reference_data": [ { "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv" } ] }, "source": { "advisory": "cisco-sa-staros-priv-esc-gGCUMFxv", "defect": [ [ "CSCvv34214" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3601", "datePublished": "2020-10-08T04:21:05.487432Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-13T17:51:37.027Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1353
Vulnerability from cvelistv5
Published
2021-01-20 20:00
Modified
2024-11-12 20:21
Summary
Cisco StarOS IPv4 Denial of Service Vulnerability
References
URL | Tags |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3 | vendor-advisory, x_refsource_CISCO |
Impacted products
Vendor | Product |
---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:16.810Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1353", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T20:05:17.789835Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-12T20:21:29.530Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-01-20T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "CWE-401", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-01-20T20:00:46", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3" } ], "source": { "advisory": "cisco-sa-asr-mem-leak-dos-MTWGHKk3", "defect": [ [ "CSCvq83868", "CSCvv69023" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS IPv4 Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-01-20T16:00:00", "ID": "CVE-2021-1353", "STATE": "PUBLIC", "TITLE": "Cisco StarOS IPv4 Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. 
An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "5.8", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-401" } ] } ] }, "references": { "reference_data": [ { "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3" } ] }, "source": { "advisory": "cisco-sa-asr-mem-leak-dos-MTWGHKk3", "defect": [ [ "CSCvq83868", "CSCvv69023" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1353", "datePublished": "2021-01-20T20:00:46.220853Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-12T20:21:29.530Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-20665
Vulnerability from cvelistv5
Published
2022-04-06 18:13
Modified
2024-11-06 16:28
Summary
Cisco StarOS Command Injection Vulnerability
References
URL | Tags |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n | vendor-advisory, x_refsource_CISCO |
Impacted products
Vendor | Product |
---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T02:17:52.953Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20220303 Cisco StarOS Command Injection Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-20665", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-11-06T16:00:18.481701Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-06T16:28:29.506Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2022-03-03T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-77", "description": "CWE-77", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-04-06T18:13:40", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20220303 Cisco StarOS Command Injection Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n" } ], "source": { "advisory": "cisco-sa-staros-cmdinj-759mNT4n", "defect": [ [ "CSCvz22969" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS Command Injection Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2022-03-03T00:00:00", "ID": "CVE-2022-20665", "STATE": "PUBLIC", "TITLE": "Cisco StarOS Command Injection Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. 
A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "6.0", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-77" } ] } ] }, "references": { "reference_data": [ { "name": "20220303 Cisco StarOS Command Injection Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n" } ] }, "source": { "advisory": "cisco-sa-staros-cmdinj-759mNT4n", "defect": [ [ "CSCvz22969" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2022-20665", "datePublished": "2022-04-06T18:13:41.066151Z", "dateReserved": "2021-11-02T00:00:00", "dateUpdated": "2024-11-06T16:28:29.506Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1424
Vulnerability from cvelistv5
Published
2024-11-18 15:35
Modified
2024-11-18 16:18
Summary
Cisco ASR 5000 Series Software (StarOS) ipsecmgr Process Denial of Service Vulnerability
References
Impacted products
Vendor | Product |
---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:cisco:asr_5000_series_software:21.15.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.a0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.4:*:*:*:*:*:*:*", 
"cpe:2.3:a:cisco:asr_5000_series_software:21.12.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:cisco:asr_5000_series_software:21.15.15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.20:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.18:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.21:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.22:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.2:*:*:*:*:*:*:*", 
"cpe:2.3:a:cisco:asr_5000_series_software:21.14.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.24:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.25:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.26:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.d0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.27:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.28:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.d1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b18:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.29:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.30:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.18:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.32:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.33:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.12:*:*:*:*:*:*:*", 
"cpe:2.3:a:cisco:asr_5000_series_software:21.19.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.36:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.37:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.20:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.20:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.40:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b20:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b21:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.18:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.41:*:*:*:*:*:*:*", 
"cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.43:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.45:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.22:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.46:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n3:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.47:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.48:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.13.21:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n4:*:*:*:*:*:*:*", 
"cpe:2.3:a:cisco:asr_5000_series_software:21.17.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.21.0:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.20:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.12:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.12.21:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b22:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.13:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n5:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.14:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.9:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.18.15:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.51:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.14.23:*:*:*:*:*:*:*", 
"cpe:2.3:a:cisco:asr_5000_series_software:21.19.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.k6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.18:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n6:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.16.8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.52:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.16:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.10:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.53:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.11.19:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.k7:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.54:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.11:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.20.u8:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.21.1:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.17.17:*:*:*:*:*:*:*", "cpe:2.3:a:cisco:asr_5000_series_software:21.15.55:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "asr_5000_series_software", "vendor": "cisco", "versions": [ { "status": "affected", "version": "21.15.7" }, { "status": "affected", "version": "21.13.10" }, { "status": "affected", "version": "21.14.1" }, { "status": "affected", "version": "21.11.5" }, { "status": "affected", "version": "21.13.8" }, { "status": "affected", "version": "21.14.5" }, { "status": "affected", "version": "21.12.8" }, { "status": "affected", "version": "21.13.11" }, { "status": "affected", "version": "21.11.8" }, { "status": "affected", "version": "21.12.9" }, { "status": "affected", "version": "21.15.5" }, { "status": "affected", "version": "21.11.7" }, { "status": "affected", "version": "21.13.5" }, { "status": "affected", "version": "21.12.0" }, { "status": "affected", "version": "21.15.2" }, { "status": "affected", "version": 
"21.11.6" }, { "status": "affected", "version": "21.14.2" }, { "status": "affected", "version": "21.12.3" }, { "status": "affected", "version": "21.15.0" }, { "status": "affected", "version": "21.11.2" }, { "status": "affected", "version": "21.13.7" }, { "status": "affected", "version": "21.12.4" }, { "status": "affected", "version": "21.12.12" }, { "status": "affected", "version": "21.13.4" }, { "status": "affected", "version": "21.12.5" }, { "status": "affected", "version": "21.14.a0" }, { "status": "affected", "version": "21.11.9" }, { "status": "affected", "version": "21.14.0" }, { "status": "affected", "version": "21.11.4" }, { "status": "affected", "version": "21.12.7" }, { "status": "affected", "version": "21.14.3" }, { "status": "affected", "version": "21.12.2" }, { "status": "affected", "version": "21.14.10" }, { "status": "affected", "version": "21.15.4" }, { "status": "affected", "version": "21.14.6" }, { "status": "affected", "version": "21.15.3" }, { "status": "affected", "version": "21.13.13" }, { "status": "affected", "version": "21.12.11" }, { "status": "affected", "version": "21.12.10" }, { "status": "affected", "version": "21.14.9" }, { "status": "affected", "version": "21.11.1" }, { "status": "affected", "version": "21.14.7" }, { "status": "affected", "version": "21.11.3" }, { "status": "affected", "version": "21.13.3" }, { "status": "affected", "version": "21.13.2" }, { "status": "affected", "version": "21.13.14" }, { "status": "affected", "version": "21.12.1" }, { "status": "affected", "version": "21.13.6" }, { "status": "affected", "version": "21.13.12" }, { "status": "affected", "version": "21.15.8" }, { "status": "affected", "version": "21.13.1" }, { "status": "affected", "version": "21.15.1" }, { "status": "affected", "version": "21.15.6" }, { "status": "affected", "version": "21.13.9" }, { "status": "affected", "version": "21.14.4" }, { "status": "affected", "version": "21.13.0" }, { "status": "affected", "version": "21.12.6" }, { 
"status": "affected", "version": "21.14.8" }, { "status": "affected", "version": "21.11.0" }, { "status": "affected", "version": "21.15.15" }, { "status": "affected", "version": "21.14.11" }, { "status": "affected", "version": "21.17.2" }, { "status": "affected", "version": "21.15.13" }, { "status": "affected", "version": "21.15.12" }, { "status": "affected", "version": "21.14.b15" }, { "status": "affected", "version": "21.17.0" }, { "status": "affected", "version": "21.15.10" }, { "status": "affected", "version": "21.13.16" }, { "status": "affected", "version": "21.14.12" }, { "status": "affected", "version": "21.15.20" }, { "status": "affected", "version": "21.11.10" }, { "status": "affected", "version": "21.15.18" }, { "status": "affected", "version": "21.15.14" }, { "status": "affected", "version": "21.13.15" }, { "status": "affected", "version": "21.15.21" }, { "status": "affected", "version": "21.15.17" }, { "status": "affected", "version": "21.17.1" }, { "status": "affected", "version": "21.14.b14" }, { "status": "affected", "version": "21.12.13" }, { "status": "affected", "version": "21.12.14" }, { "status": "affected", "version": "21.15.19" }, { "status": "affected", "version": "21.15.11" }, { "status": "affected", "version": "21.15.22" }, { "status": "affected", "version": "21.17.3" }, { "status": "affected", "version": "21.14.b13" }, { "status": "affected", "version": "21.15.16" }, { "status": "affected", "version": "21.14.b12" }, { "status": "affected", "version": "21.16.2" }, { "status": "affected", "version": "21.14.16" }, { "status": "affected", "version": "21.14.b17" }, { "status": "affected", "version": "21.15.24" }, { "status": "affected", "version": "21.16.c9" }, { "status": "affected", "version": "21.15.25" }, { "status": "affected", "version": "21.15.26" }, { "status": "affected", "version": "21.16.d0" }, { "status": "affected", "version": "21.17.4" }, { "status": "affected", "version": "21.15.27" }, { "status": "affected", "version": 
"21.13.17" }, { "status": "affected", "version": "21.18.0" }, { "status": "affected", "version": "21.15.28" }, { "status": "affected", "version": "21.14.17" }, { "status": "affected", "version": "21.16.d1" }, { "status": "affected", "version": "21.18.1" }, { "status": "affected", "version": "21.16.3" }, { "status": "affected", "version": "21.14.b18" }, { "status": "affected", "version": "21.16.c10" }, { "status": "affected", "version": "21.11.11" }, { "status": "affected", "version": "21.15.29" }, { "status": "affected", "version": "21.15.30" }, { "status": "affected", "version": "21.13.18" }, { "status": "affected", "version": "21.12.16" }, { "status": "affected", "version": "21.17.5" }, { "status": "affected", "version": "21.16.c11" }, { "status": "affected", "version": "21.15.32" }, { "status": "affected", "version": "21.13.19" }, { "status": "affected", "version": "21.15.33" }, { "status": "affected", "version": "21.11.12" }, { "status": "affected", "version": "21.19.0" }, { "status": "affected", "version": "21.18.2" }, { "status": "affected", "version": "21.14.19" }, { "status": "affected", "version": "21.19.1" }, { "status": "affected", "version": "21.17.6" }, { "status": "affected", "version": "21.11.13" }, { "status": "affected", "version": "21.12.17" }, { "status": "affected", "version": "21.15.36" }, { "status": "affected", "version": "21.18.3" }, { "status": "affected", "version": "21.14.b19" }, { "status": "affected", "version": "21.19.2" }, { "status": "affected", "version": "21.15.37" }, { "status": "affected", "version": "21.17.7" }, { "status": "affected", "version": "21.14.20" }, { "status": "affected", "version": "21.16.c12" }, { "status": "affected", "version": "21.18.4" }, { "status": "affected", "version": "21.19.3" }, { "status": "affected", "version": "21.13.20" }, { "status": "affected", "version": "21.15.40" }, { "status": "affected", "version": "21.14.b20" }, { "status": "affected", "version": "21.16.4" }, { "status": "affected", 
"version": "21.18.5" }, { "status": "affected", "version": "21.14.b21" }, { "status": "affected", "version": "21.16.c13" }, { "status": "affected", "version": "21.11.14" }, { "status": "affected", "version": "21.12.18" }, { "status": "affected", "version": "21.20.sv1" }, { "status": "affected", "version": "21.20.0" }, { "status": "affected", "version": "21.15.41" }, { "status": "affected", "version": "21.20.sv2" }, { "status": "affected", "version": "21.17.8" }, { "status": "affected", "version": "21.20.1" }, { "status": "affected", "version": "21.20.sv3" }, { "status": "affected", "version": "21.16.5" }, { "status": "affected", "version": "21.20.sv5" }, { "status": "affected", "version": "21.15.43" }, { "status": "affected", "version": "21.19.4" }, { "status": "affected", "version": "21.18.6" }, { "status": "affected", "version": "21.15.45" }, { "status": "affected", "version": "21.20.2" }, { "status": "affected", "version": "21.16.c14" }, { "status": "affected", "version": "21.17.9" }, { "status": "affected", "version": "21.11.15" }, { "status": "affected", "version": "21.14.22" }, { "status": "affected", "version": "21.20.3" }, { "status": "affected", "version": "21.15.46" }, { "status": "affected", "version": "21.18.7" }, { "status": "affected", "version": "21.19.n3" }, { "status": "affected", "version": "21.15.47" }, { "status": "affected", "version": "21.15.48" }, { "status": "affected", "version": "21.19.5" }, { "status": "affected", "version": "21.17.10" }, { "status": "affected", "version": "21.18.8" }, { "status": "affected", "version": "21.16.6" }, { "status": "affected", "version": "21.12.19" }, { "status": "affected", "version": "21.13.21" }, { "status": "affected", "version": "21.20.4" }, { "status": "affected", "version": "21.18.9" }, { "status": "affected", "version": "21.19.n4" }, { "status": "affected", "version": "21.17.11" }, { "status": "affected", "version": "21.18.11" }, { "status": "affected", "version": "21.19.6" }, { "status": "affected", 
"version": "21.16.c15" }, { "status": "affected", "version": "21.16.7" }, { "status": "affected", "version": "21.17.12" }, { "status": "affected", "version": "21.21.0" }, { "status": "affected", "version": "21.17.13" }, { "status": "affected", "version": "21.11.16" }, { "status": "affected", "version": "21.12.20" }, { "status": "affected", "version": "21.18.12" }, { "status": "affected", "version": "21.12.21" }, { "status": "affected", "version": "21.14.b22" }, { "status": "affected", "version": "21.19.7" }, { "status": "affected", "version": "21.20.6" }, { "status": "affected", "version": "21.18.13" }, { "status": "affected", "version": "21.19.n5" }, { "status": "affected", "version": "21.18.14" }, { "status": "affected", "version": "21.20.7" }, { "status": "affected", "version": "21.11.17" }, { "status": "affected", "version": "21.17.14" }, { "status": "affected", "version": "21.19.8" }, { "status": "affected", "version": "21.20.8" }, { "status": "affected", "version": "21.19.9" }, { "status": "affected", "version": "21.17.15" }, { "status": "affected", "version": "21.20.9" }, { "status": "affected", "version": "21.18.15" }, { "status": "affected", "version": "21.15.51" }, { "status": "affected", "version": "21.14.23" }, { "status": "affected", "version": "21.19.10" }, { "status": "affected", "version": "21.20.k6" }, { "status": "affected", "version": "21.11.18" }, { "status": "affected", "version": "21.19.n6" }, { "status": "affected", "version": "21.16.8" }, { "status": "affected", "version": "21.15.52" }, { "status": "affected", "version": "21.17.16" }, { "status": "affected", "version": "21.20.10" }, { "status": "affected", "version": "21.15.53" }, { "status": "affected", "version": "21.11.19" }, { "status": "affected", "version": "21.20.k7" }, { "status": "affected", "version": "21.15.54" }, { "status": "affected", "version": "21.20.11" }, { "status": "affected", "version": "21.20.u8" }, { "status": "affected", "version": "21.21.1" }, { "status": "affected", 
"version": "21.17.17" }, { "status": "affected", "version": "21.15.55" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2021-1424", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-18T15:57:49.747227Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-18T16:18:16.475Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "21.15.7" }, { "status": "affected", "version": "21.13.10" }, { "status": "affected", "version": "21.14.1" }, { "status": "affected", "version": "21.11.5" }, { "status": "affected", "version": "21.13.8" }, { "status": "affected", "version": "21.14.5" }, { "status": "affected", "version": "21.12.8" }, { "status": "affected", "version": "21.13.11" }, { "status": "affected", "version": "21.11.8" }, { "status": "affected", "version": "21.12.9" }, { "status": "affected", "version": "21.15.5" }, { "status": "affected", "version": "21.11.7" }, { "status": "affected", "version": "21.13.5" }, { "status": "affected", "version": "21.12.0" }, { "status": "affected", "version": "21.15.2" }, { "status": "affected", "version": "21.11.6" }, { "status": "affected", "version": "21.14.2" }, { "status": "affected", "version": "21.12.3" }, { "status": "affected", "version": "21.15.0" }, { "status": "affected", "version": "21.11.2" }, { "status": "affected", "version": "21.13.7" }, { "status": "affected", "version": "21.12.4" }, { "status": "affected", "version": "21.12.12" }, { "status": "affected", "version": "21.13.4" }, { "status": "affected", "version": "21.12.5" }, { "status": "affected", "version": "21.14.a0" }, { "status": "affected", "version": "21.11.9" }, { "status": "affected", 
"version": "21.14.0" }, { "status": "affected", "version": "21.11.4" }, { "status": "affected", "version": "21.12.7" }, { "status": "affected", "version": "21.14.3" }, { "status": "affected", "version": "21.12.2" }, { "status": "affected", "version": "21.14.10" }, { "status": "affected", "version": "21.15.4" }, { "status": "affected", "version": "21.14.6" }, { "status": "affected", "version": "21.15.3" }, { "status": "affected", "version": "21.13.13" }, { "status": "affected", "version": "21.12.11" }, { "status": "affected", "version": "21.12.10" }, { "status": "affected", "version": "21.14.9" }, { "status": "affected", "version": "21.11.1" }, { "status": "affected", "version": "21.14.7" }, { "status": "affected", "version": "21.11.3" }, { "status": "affected", "version": "21.13.3" }, { "status": "affected", "version": "21.13.2" }, { "status": "affected", "version": "21.13.14" }, { "status": "affected", "version": "21.12.1" }, { "status": "affected", "version": "21.13.6" }, { "status": "affected", "version": "21.13.12" }, { "status": "affected", "version": "21.15.8" }, { "status": "affected", "version": "21.13.1" }, { "status": "affected", "version": "21.15.1" }, { "status": "affected", "version": "21.15.6" }, { "status": "affected", "version": "21.13.9" }, { "status": "affected", "version": "21.14.4" }, { "status": "affected", "version": "21.13.0" }, { "status": "affected", "version": "21.12.6" }, { "status": "affected", "version": "21.14.8" }, { "status": "affected", "version": "21.11.0" }, { "status": "affected", "version": "21.15.15" }, { "status": "affected", "version": "21.14.11" }, { "status": "affected", "version": "21.17.2" }, { "status": "affected", "version": "21.15.13" }, { "status": "affected", "version": "21.15.12" }, { "status": "affected", "version": "21.14.b15" }, { "status": "affected", "version": "21.17.0" }, { "status": "affected", "version": "21.15.10" }, { "status": "affected", "version": "21.13.16" }, { "status": "affected", "version": 
"21.14.12" }, { "status": "affected", "version": "21.15.20" }, { "status": "affected", "version": "21.11.10" }, { "status": "affected", "version": "21.15.18" }, { "status": "affected", "version": "21.15.14" }, { "status": "affected", "version": "21.13.15" }, { "status": "affected", "version": "21.15.21" }, { "status": "affected", "version": "21.15.17" }, { "status": "affected", "version": "21.17.1" }, { "status": "affected", "version": "21.14.b14" }, { "status": "affected", "version": "21.12.13" }, { "status": "affected", "version": "21.12.14" }, { "status": "affected", "version": "21.15.19" }, { "status": "affected", "version": "21.15.11" }, { "status": "affected", "version": "21.15.22" }, { "status": "affected", "version": "21.17.3" }, { "status": "affected", "version": "21.14.b13" }, { "status": "affected", "version": "21.15.16" }, { "status": "affected", "version": "21.14.b12" }, { "status": "affected", "version": "21.16.2" }, { "status": "affected", "version": "21.14.16" }, { "status": "affected", "version": "21.14.b17" }, { "status": "affected", "version": "21.15.24" }, { "status": "affected", "version": "21.16.c9" }, { "status": "affected", "version": "21.15.25" }, { "status": "affected", "version": "21.15.26" }, { "status": "affected", "version": "21.16.d0" }, { "status": "affected", "version": "21.17.4" }, { "status": "affected", "version": "21.15.27" }, { "status": "affected", "version": "21.13.17" }, { "status": "affected", "version": "21.18.0" }, { "status": "affected", "version": "21.15.28" }, { "status": "affected", "version": "21.14.17" }, { "status": "affected", "version": "21.16.d1" }, { "status": "affected", "version": "21.18.1" }, { "status": "affected", "version": "21.16.3" }, { "status": "affected", "version": "21.14.b18" }, { "status": "affected", "version": "21.16.c10" }, { "status": "affected", "version": "21.11.11" }, { "status": "affected", "version": "21.15.29" }, { "status": "affected", "version": "21.15.30" }, { "status": "affected", 
"version": "21.13.18" }, { "status": "affected", "version": "21.12.16" }, { "status": "affected", "version": "21.17.5" }, { "status": "affected", "version": "21.16.c11" }, { "status": "affected", "version": "21.15.32" }, { "status": "affected", "version": "21.13.19" }, { "status": "affected", "version": "21.15.33" }, { "status": "affected", "version": "21.11.12" }, { "status": "affected", "version": "21.19.0" }, { "status": "affected", "version": "21.18.2" }, { "status": "affected", "version": "21.14.19" }, { "status": "affected", "version": "21.19.1" }, { "status": "affected", "version": "21.17.6" }, { "status": "affected", "version": "21.11.13" }, { "status": "affected", "version": "21.12.17" }, { "status": "affected", "version": "21.15.36" }, { "status": "affected", "version": "21.18.3" }, { "status": "affected", "version": "21.14.b19" }, { "status": "affected", "version": "21.19.2" }, { "status": "affected", "version": "21.15.37" }, { "status": "affected", "version": "21.17.7" }, { "status": "affected", "version": "21.14.20" }, { "status": "affected", "version": "21.16.c12" }, { "status": "affected", "version": "21.18.4" }, { "status": "affected", "version": "21.19.3" }, { "status": "affected", "version": "21.13.20" }, { "status": "affected", "version": "21.15.40" }, { "status": "affected", "version": "21.14.b20" }, { "status": "affected", "version": "21.16.4" }, { "status": "affected", "version": "21.18.5" }, { "status": "affected", "version": "21.14.b21" }, { "status": "affected", "version": "21.16.c13" }, { "status": "affected", "version": "21.11.14" }, { "status": "affected", "version": "21.12.18" }, { "status": "affected", "version": "21.20.SV1" }, { "status": "affected", "version": "21.20.0" }, { "status": "affected", "version": "21.15.41" }, { "status": "affected", "version": "21.20.SV2" }, { "status": "affected", "version": "21.17.8" }, { "status": "affected", "version": "21.20.1" }, { "status": "affected", "version": "21.20.SV3" }, { "status": 
"affected", "version": "21.16.5" }, { "status": "affected", "version": "21.20.SV5" }, { "status": "affected", "version": "21.15.43" }, { "status": "affected", "version": "21.19.4" }, { "status": "affected", "version": "21.18.6" }, { "status": "affected", "version": "21.15.45" }, { "status": "affected", "version": "21.20.2" }, { "status": "affected", "version": "21.16.c14" }, { "status": "affected", "version": "21.17.9" }, { "status": "affected", "version": "21.11.15" }, { "status": "affected", "version": "21.14.22" }, { "status": "affected", "version": "21.20.3" }, { "status": "affected", "version": "21.15.46" }, { "status": "affected", "version": "21.18.7" }, { "status": "affected", "version": "21.19.n3" }, { "status": "affected", "version": "21.15.47" }, { "status": "affected", "version": "21.15.48" }, { "status": "affected", "version": "21.19.5" }, { "status": "affected", "version": "21.17.10" }, { "status": "affected", "version": "21.18.8" }, { "status": "affected", "version": "21.16.6" }, { "status": "affected", "version": "21.12.19" }, { "status": "affected", "version": "21.13.21" }, { "status": "affected", "version": "21.20.4" }, { "status": "affected", "version": "21.18.9" }, { "status": "affected", "version": "21.19.n4" }, { "status": "affected", "version": "21.17.11" }, { "status": "affected", "version": "21.18.11" }, { "status": "affected", "version": "21.19.6" }, { "status": "affected", "version": "21.16.c15" }, { "status": "affected", "version": "21.16.7" }, { "status": "affected", "version": "21.17.12" }, { "status": "affected", "version": "21.21.0" }, { "status": "affected", "version": "21.17.13" }, { "status": "affected", "version": "21.11.16" }, { "status": "affected", "version": "21.12.20" }, { "status": "affected", "version": "21.18.12" }, { "status": "affected", "version": "21.12.21" }, { "status": "affected", "version": "21.14.b22" }, { "status": "affected", "version": "21.19.7" }, { "status": "affected", "version": "21.20.6" }, { "status": 
"affected", "version": "21.18.13" }, { "status": "affected", "version": "21.19.n5" }, { "status": "affected", "version": "21.18.14" }, { "status": "affected", "version": "21.20.7" }, { "status": "affected", "version": "21.11.17" }, { "status": "affected", "version": "21.17.14" }, { "status": "affected", "version": "21.19.8" }, { "status": "affected", "version": "21.20.8" }, { "status": "affected", "version": "21.19.9" }, { "status": "affected", "version": "21.17.15" }, { "status": "affected", "version": "21.20.9" }, { "status": "affected", "version": "21.18.15" }, { "status": "affected", "version": "21.15.51" }, { "status": "affected", "version": "21.14.23" }, { "status": "affected", "version": "21.19.10" }, { "status": "affected", "version": "21.20.k6" }, { "status": "affected", "version": "21.11.18" }, { "status": "affected", "version": "21.19.n6" }, { "status": "affected", "version": "21.16.8" }, { "status": "affected", "version": "21.15.52" }, { "status": "affected", "version": "21.17.16" }, { "status": "affected", "version": "21.20.10" }, { "status": "affected", "version": "21.15.53" }, { "status": "affected", "version": "21.11.19" }, { "status": "affected", "version": "21.20.k7" }, { "status": "affected", "version": "21.15.54" }, { "status": "affected", "version": "21.20.11" }, { "status": "affected", "version": "21.20.u8" }, { "status": "affected", "version": "21.21.1" }, { "status": "affected", "version": "21.17.17" }, { "status": "affected", "version": "21.15.55" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the ipsecmgr process of Cisco\u0026nbsp;ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\r\nThis vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. 
A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability." } ], "exploits": [ { "lang": "en", "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/RL:X/RC:X/E:X", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-18T15:35:11.060Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-staros-ipsecmgr-dos-3gkHXwvS", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ipsecmgr-dos-3gkHXwvS" }, { "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM\u003c/a\u003e\u003c/p\u003e\u003cp\u003eThis advisory is part of the October 2021 release of the Cisco\u0026nbsp;ASA, FTD, and FMC Security Advisory Bundled publication. 
For a complete list of the advisories and links to them, see \u003ca href=\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773\"\u003eCisco\u0026nbsp;Event Response: October 2021 Cisco\u0026nbsp;ASA, FMC, and FTD Software Security Advisory Bundled Publication", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM" }, { "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk" }, { "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ" }, { "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrbgp-rpki-dos-gvmjqxbk\u003c/a\u003e\u003c/p\u003e\u003cp\u003eThis advisory is part of the September 2021 release of the Cisco\u0026nbsp;IOS XR Software Security Advisory Bundled Publication. 
For a complete list of the advisories and links to them, see \u003ca href=\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74637\"\u003eCisco\u0026nbsp;Event Response: September 2021 Cisco\u0026nbsp;IOS XR Software Security Advisory Bundled Publication", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrbgp-rpki-dos-gvmjqxbk" } ], "source": { "advisory": "cisco-sa-staros-ipsecmgr-dos-3gkHXwvS", "defects": [ "CSCvv74352" ], "discovery": "INTERNAL" }, "title": "Cisco ASR 5000 Series Software (StarOS) ipsecmgr Process Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1424", "datePublished": "2024-11-18T15:35:11.060Z", "dateReserved": "2020-11-13T00:00:00.000Z", "dateUpdated": "2024-11-18T16:18:16.475Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-1539
Vulnerability from cvelistv5
Published
2021-06-04 16:45
Modified
2024-11-07 22:09
Summary
Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
References
▼ | URL | Tags |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n | vendor-advisory, x_refsource_CISCO |
Impacted products
▼ | Vendor | Product |
---|---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T16:11:17.672Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-1539", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-07T21:41:43.467282Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-07T22:09:26.621Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2021-06-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-04T16:45:58", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n" } ], "source": { "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n", "defect": [ [ "CSCvu85001", "CSCvv33622" ] ], "discovery": "INTERNAL" }, "title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-06-02T16:00:00", "ID": "CVE-2021-1539", "STATE": "PUBLIC", "TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. 
For more information about these vulnerabilities, see the Details section of this advisory." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "impact": { "cvss": { "baseScore": "8.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-863" } ] } ] }, "references": { "reference_data": [ { "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n" } ] }, "source": { "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n", "defect": [ [ "CSCvu85001", "CSCvv33622" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1539", "datePublished": "2021-06-04T16:45:58.314042Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-11-07T22:09:26.621Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-20051
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-28 16:31
Summary
Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability
References
Impacted products
▼ | Vendor | Product |
---|---|---|
Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:57:35.844Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20230405 Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-20051", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-28T16:24:30.430738Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-28T16:31:14.018Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software ", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2023-04-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS)." } ], "exploits": [ { "lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. 
" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-05T00:00:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20230405 Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability", "tags": [ "vendor-advisory" ], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q" } ], "source": { "advisory": "cisco-sa-cisco-pdng-dos-KmzwEy2Q", "defect": [ [ "CSCwb32089" ] ], "discovery": "INTERNAL" }, "title": "Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability" } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2023-20051", "datePublished": "2023-04-05T00:00:00", "dateReserved": "2022-10-27T00:00:00", "dateUpdated": "2024-10-28T16:31:14.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-3500
Vulnerability from cvelistv5
Published
2020-08-17 18:00
Modified
2024-11-13 18:16
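Severity: 6.8 MEDIUM (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H, as given in the CNA metrics of the record below)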
Summary
Cisco StarOS IPv6 Denial of Service Vulnerability
References
| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product |
|---|---|
| Cisco | Cisco ASR 5000 Series Software |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:37:54.212Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2020-3500", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T17:24:57.726835Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-13T18:16:15.224Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco ASR 5000 Series Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2020-08-05T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-08-17T18:00:26", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m" } ], "source": { "advisory": "cisco-sa-asr5k-ipv6-dos-ce3zhF8m", "defect": [ [ "CSCvu23797" ] ], "discovery": "INTERNAL" }, "title": "Cisco StarOS IPv6 Denial of Service Vulnerability", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-08-05T16:00:00", "ID": "CVE-2020-3500", "STATE": "PUBLIC", "TITLE": "Cisco StarOS IPv6 Denial of Service Vulnerability" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco ASR 5000 Series Software", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "Cisco" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. 
An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected." } ] }, "exploit": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "impact": { "cvss": { "baseScore": "6.8", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-119" } ] } ] }, "references": { "reference_data": [ { "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m" } ] }, "source": { "advisory": "cisco-sa-asr5k-ipv6-dos-ce3zhF8m", "defect": [ [ "CSCvu23797" ] ], "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3500", "datePublished": "2020-08-17T18:00:26.607744Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-11-13T18:16:15.224Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }