All the vulnerabilites related to cisco - virtualized_packet_core
Vulnerability from fkie_nvd
Published
2016-11-19 03:03
Modified
2024-11-21 02:56
Severity ?
Summary
A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | asr_5000_series_software | 20.0.0 | |
| cisco | asr_5000_series_software | 20.0.2.3 | |
| cisco | asr_5000_series_software | 20.0.2.v1 | |
| cisco | virtualized_packet_core | 20.0_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:20.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE327B4-D5D7-48CD-81CE-2729CA9DC7D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:20.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB2D4DA-F2F3-4DE8-B9CC-1AA620E0796A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:20.0.2.v1:*:*:*:*:*:*:*",
"matchCriteriaId": "9924D0D1-C83D-469C-9F39-0241C14C5267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:20.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "7189D618-156E-411E-808B-E254DECD51B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el componente IPsec de StarOS para routers Cisco ASR 5000 Series podr\u00edan permitir a un atacante remoto no autenticado finalizar todos los t\u00faneles activos VPN IPsec y prevenir que se establezcan nuevos t\u00faneles, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad afecta a los siguientes productos Cisco: routers Cisco ASR 5000/5500 Series, Cisco Virtualized Packet Core (VPC). M\u00e1s informaci\u00f3n: CSCva13631. Lanzamientos conocidos afectados: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Lanzamientos conocidos solucionados: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147."
}
],
"id": "CVE-2016-6466",
"lastModified": "2024-11-21T02:56:11.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-19T03:03:08.150",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/94361"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1037308"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-26 07:29
Modified
2024-11-21 03:30
Severity ?
Summary
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending crafted UDP packets to the distributed instance (DI) network addresses of both CF instances on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability can be exploited via IPv4 traffic only. Cisco Bug IDs: CSCvc01665 CSCvc35565.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/99195 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99195 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | virtualized_packet_core | v19.2_base | |
| cisco | virtualized_packet_core | v19.3_base | |
| cisco | virtualized_packet_core | v20.0_base | |
| cisco | virtualized_packet_core | v20.1_base | |
| cisco | virtualized_packet_core | v20.2_base | |
| cisco | virtualized_packet_core | v21.0_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v19.2_base:*:*:*:*:*:*:*",
"matchCriteriaId": "76DE3913-DE6C-48A2-BB24-6AF617501DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v19.3_base:*:*:*:*:*:*:*",
"matchCriteriaId": "89FE29AF-11C8-495F-86C2-B19B14FD4D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v20.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3CA29A-DA96-4C48-8140-A73C5857DBE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v20.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "A7E2AF37-4985-433F-80BE-7060E921A3B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v20.2_base:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DC29E7-BEE9-4CAA-892C-77FD39A10263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v21.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "36453D39-614F-4086-8977-A4466BBB6B64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending crafted UDP packets to the distributed instance (DI) network addresses of both CF instances on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability can be exploited via IPv4 traffic only. Cisco Bug IDs: CSCvc01665 CSCvc35565."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de procesamiento de paquetes de entrada UDP del software Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) de la versi\u00f3n 19.2 a la 21.0 podr\u00eda permitir que un atacante remoto no autenticado haga que ambas instancias de funci\u00f3n de control (CF) se recarguen en un sistema afectado, lo que resulta en una denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a la gesti\u00f3n insuficiente por parte del software afectado de datos proporcionados por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad enviando paquetes UDP manipulados a las direcciones de red de la instancia distribuida (DI) de ambas instancias CF en un sistema afectado. Un exploit con \u00e9xito podr\u00eda permitir que el atacante provoque una condici\u00f3n de error no gestionada en el sistema afectado, lo que provocar\u00eda que las instancias CF se recarguen y hagan que el VPC completo se recargue. Esto resulta en la desconexi\u00f3n de todos los suscriptores y una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en el sistema afectado. Esta vulnerabilidad solo puede ser explotada mediante tr\u00e1fico IPv4. Cisco Bug IDs: CSCvc01665 CSCvc35565."
}
],
"id": "CVE-2017-6678",
"lastModified": "2024-11-21T03:30:17.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-26T07:29:00.247",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99195"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-04 17:15
Modified
2024-11-21 05:44
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B3FDA9A-CEB5-451B-AE92-4AE727D477FB",
"versionEndExcluding": "21.16.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62DD8225-32A7-41B0-AD98-D087835FAC7E",
"versionEndExcluding": "21.17.10",
"versionStartIncluding": "21.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C993F0DB-5AD2-4FF4-AF4D-7F99C9CF0396",
"versionEndExcluding": "21.18.16",
"versionStartIncluding": "21.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "739F9C47-AEAC-41CC-B9BB-36EA43F081CB",
"versionEndExcluding": "21.19.11",
"versionStartIncluding": "21.19.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D823601-77FE-40A2-B281-D5E4547B28C0",
"versionEndExcluding": "21.19.n7",
"versionStartIncluding": "21.19.n",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27025ED8-2512-4F81-81F2-FD836D4CA68F",
"versionEndExcluding": "21.20.8",
"versionStartIncluding": "21.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EF0299-16A7-446D-855D-BFF91EE65534",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88F195D-ECA6-414A-B8C0-6C8B47B595E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en el proceso de autorizaci\u00f3n de Cisco ASR 5000 Series Software (StarOS), podr\u00eda permitir a un atacante remoto autenticado omitir la autorizaci\u00f3n y ejecutar un subconjunto de comandos de CLI en un dispositivo afectado. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1540",
"lastModified": "2024-11-21T05:44:34.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-04T17:15:09.917",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-15 20:59
Modified
2024-11-21 03:26
Severity ?
Summary
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP. The following products have been confirmed to be vulnerable: Cisco ASR 5000/5500/5700 Series devices running StarOS after 17.7.0 and prior to 18.7.4, 19.5, and 20.2.3 with SSH configured are vulnerable. Cisco Virtualized Packet Core - Single Instance (VPC-SI) and Distributed Instance (VPC-DI) devices running StarOS prior to N4.2.7 (19.3.v7) and N4.7 (20.2.v0) with SSH configured are vulnerable. Cisco Bug IDs: CSCva65853.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79B57288-1315-4FE2-98EC-3BA853B153FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.0.0.57828:*:*:*:*:*:*:*",
"matchCriteriaId": "D42B4015-BE1D-4331-94F8-BE09C97C3577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.0.0.59167:*:*:*:*:*:*:*",
"matchCriteriaId": "6FDD7437-E7C1-431F-933C-D1D861B22570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.0.0.59211:*:*:*:*:*:*:*",
"matchCriteriaId": "200B5C31-A417-4E1C-8DEA-BAEBE9ED2385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.0.l0.59219:*:*:*:*:*:*:*",
"matchCriteriaId": "92C13FB6-82A5-48B1-B88A-34FB9C6E76F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F411E10A-D6D2-4A20-80AD-A274A91BB16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.1.0.59776:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF3CC6F-A983-4199-BF06-8D10DB7811AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.1.0.59780:*:*:*:*:*:*:*",
"matchCriteriaId": "923253CB-11EF-4081-8748-DEC92E91C7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "56B5F97D-7AD7-4E62-82CC-685ACC732437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD5B5E37-D630-4BE5-A23C-65D5C6C8BBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.3_base:*:*:*:*:*:*:*",
"matchCriteriaId": "6E83AF5F-D4F3-46EB-ABED-EC6A64CF1C0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:18.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91A9DF64-3AF6-4DA7-B97C-34D8D502C4E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "701EB7E5-C0D8-4946-AECD-276131896091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.0.m0.60737:*:*:*:*:*:*:*",
"matchCriteriaId": "CE570D8B-CFFE-4BCC-B93B-C0E78C44E49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.0.m0.60828:*:*:*:*:*:*:*",
"matchCriteriaId": "B759ACB4-0A70-4891-9C28-68300000AAD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.0.m0.61045:*:*:*:*:*:*:*",
"matchCriteriaId": "6A457D1F-C1CA-43BA-8623-012BD07E468F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13B1F09F-CBAA-4CA6-AE80-F89F02876E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.1.0.61559:*:*:*:*:*:*:*",
"matchCriteriaId": "5740B38F-BBD3-499D-A8B6-685EE7D9E146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "02C994D7-9759-41F7-B672-3EC2FD8C7FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:19.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1938A8E-8DAC-43FA-98C8-8BBEC8061701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:asr_5000_series_software:20.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE327B4-D5D7-48CD-81CE-2729CA9DC7D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v18.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "E272EDB8-CA6A-4AC9-9BD3-7322C4A4115F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v19.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "2E055E0A-21F4-4036-A985-3EFB1022F9E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:v20.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "9F3CA29A-DA96-4C48-8140-A73C5857DBE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP. The following products have been confirmed to be vulnerable: Cisco ASR 5000/5500/5700 Series devices running StarOS after 17.7.0 and prior to 18.7.4, 19.5, and 20.2.3 with SSH configured are vulnerable. Cisco Virtualized Packet Core - Single Instance (VPC-SI) and Distributed Instance (VPC-DI) devices running StarOS prior to N4.2.7 (19.3.v7) and N4.7 (20.2.v0) with SSH configured are vulnerable. Cisco Bug IDs: CSCva65853."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escalada de privilegios en el subsistema Secure Shell (SSH) en el sistema operativo StarOS para dispositivos Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series y Cisco Virtualized Packet Core podr\u00edan permitir a un atacante remoto autenticado obtener acceso no restringido al shell del root. La vulnerabilidad se debe a falta de validaci\u00f3n de entrada de los par\u00e1metros pasados ??durante el inicio de sesi\u00f3n de SSH o SFTP. Un atacante podr\u00eda explotar esta vulnerabilidad proporcionando una entrada de usuario manipulada a la interfaz de l\u00ednea de comandos (CLI) de SSH o SFTP durante el inicio de sesi\u00f3n de SSH o SFTP. Una explotaci\u00f3n podr\u00eda permitir a un atacante autenticado obtener acceso privilegiado al root en el router. Nota: S\u00f3lo se puede utilizar tr\u00e1fico dirigido al sistema afectado para explotar esta vulnerabilidad. Esta vulnerabilidad puede ser desencadenada a trav\u00e9s de tr\u00e1fico tanto IPv4 como IPv6. Se necesita una conexi\u00f3n TCP establecida hacia el puerto 22, el puerto por defecto SSH, para realizar el ataque. El atacante debe tener credenciales v\u00e1lidas para iniciar sesi\u00f3n en el sistema a trav\u00e9s de SSH o SFTP. Se ha confirmado que los siguientes productos son vulnerables: los dispositivos Cisco ASR 5000/5500/5700 que ejecutan StarOS despu\u00e9s de 17.7.0 y anteriores a 18.7.4, 19.5 y 20.2.3 con SSH configurados son vulnerables. Los dispositivos Cisco Virtualized Packet Core - Single Instance (VPC-SI) y Distributed Instrance (VPC-DI) que ejecutan StarOS en versiones anteriores a N4.2.7 (19.3.v7) y N4.7 (20.2.v0) con SSH configurado son vulnerables. ID de errores de Cisco: CSCva65853."
}
],
"id": "CVE-2017-3819",
"lastModified": "2024-11-21T03:26:10.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-15T20:59:00.147",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96913"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1038050"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1038050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-06-04 17:15
Modified
2024-11-21 05:44
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B3FDA9A-CEB5-451B-AE92-4AE727D477FB",
"versionEndExcluding": "21.16.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62DD8225-32A7-41B0-AD98-D087835FAC7E",
"versionEndExcluding": "21.17.10",
"versionStartIncluding": "21.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C993F0DB-5AD2-4FF4-AF4D-7F99C9CF0396",
"versionEndExcluding": "21.18.16",
"versionStartIncluding": "21.18.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "739F9C47-AEAC-41CC-B9BB-36EA43F081CB",
"versionEndExcluding": "21.19.11",
"versionStartIncluding": "21.19.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2D823601-77FE-40A2-B281-D5E4547B28C0",
"versionEndExcluding": "21.19.n7",
"versionStartIncluding": "21.19.n",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27025ED8-2512-4F81-81F2-FD836D4CA68F",
"versionEndExcluding": "21.20.8",
"versionStartIncluding": "21.20.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EF0299-16A7-446D-855D-BFF91EE65534",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtualized_packet_core:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B88F195D-ECA6-414A-B8C0-6C8B47B595E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en el proceso de autorizaci\u00f3n de Cisco ASR 5000 Series Software (StarOS), podr\u00eda permitir a un atacante remoto autenticado omitir la autorizaci\u00f3n y ejecutar un subconjunto de comandos de CLI en un dispositivo afectado. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso"
}
],
"id": "CVE-2021-1539",
"lastModified": "2024-11-21T05:44:34.693",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-04T17:15:09.757",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "ykramarz@cisco.com",
"type": "Primary"
}
]
}
cve-2021-1540
Vulnerability from cvelistv5
Published
2021-06-04 16:46
Modified
2024-11-07 22:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco ASR 5000 Series Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1540",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:41:42.298517Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:09:20.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco ASR 5000 Series Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-04T16:46:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
],
"source": {
"advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
"defect": [
[
"CSCvu85001",
"CSCvv33622"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-02T16:00:00",
"ID": "CVE-2021-1540",
"STATE": "PUBLIC",
"TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco ASR 5000 Series Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
]
},
"source": {
"advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
"defect": [
[
"CSCvu85001",
"CSCvv33622"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1540",
"datePublished": "2021-06-04T16:46:02.739386Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:09:20.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6678
Vulnerability from cvelistv5
Published
2017-06-26 07:00
Modified
2024-08-05 15:33
Severity ?
EPSS score ?
Summary
A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending crafted UDP packets to the distributed instance (DI) network addresses of both CF instances on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability can be exploited via IPv4 traffic only. Cisco Bug IDs: CSCvc01665 CSCvc35565.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99195 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Virtualized Packet Core-Distributed Instance |
Version: Cisco Virtualized Packet Core-Distributed Instance |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:33:20.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99195",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Virtualized Packet Core-Distributed Instance",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Virtualized Packet Core-Distributed Instance"
}
]
}
],
"datePublic": "2017-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending crafted UDP packets to the distributed instance (DI) network addresses of both CF instances on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability can be exploited via IPv4 traffic only. Cisco Bug IDs: CSCvc01665 CSCvc35565."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-26T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99195",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Virtualized Packet Core-Distributed Instance",
"version": {
"version_data": [
{
"version_value": "Cisco Virtualized Packet Core-Distributed Instance"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending crafted UDP packets to the distributed instance (DI) network addresses of both CF instances on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability can be exploited via IPv4 traffic only. Cisco Bug IDs: CSCvc01665 CSCvc35565."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99195",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99195"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-vpc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6678",
"datePublished": "2017-06-26T07:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:33:20.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-3819
Vulnerability from cvelistv5
Published
2017-03-15 20:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP. The following products have been confirmed to be vulnerable: Cisco ASR 5000/5500/5700 Series devices running StarOS after 17.7.0 and prior to 18.7.4, 19.5, and 20.2.3 with SSH configured are vulnerable. Cisco Virtualized Packet Core - Single Instance (VPC-SI) and Distributed Instance (VPC-DI) devices running StarOS prior to N4.2.7 (19.3.v7) and N4.7 (20.2.v0) with SSH configured are vulnerable. Cisco Bug IDs: CSCva65853.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96913 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038050 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco StarOS |
Version: Cisco StarOS |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96913",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96913"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr"
},
{
"name": "1038050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038050"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco StarOS",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco StarOS"
}
]
}
],
"datePublic": "2017-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP. The following products have been confirmed to be vulnerable: Cisco ASR 5000/5500/5700 Series devices running StarOS after 17.7.0 and prior to 18.7.4, 19.5, and 20.2.3 with SSH configured are vulnerable. Cisco Virtualized Packet Core - Single Instance (VPC-SI) and Distributed Instance (VPC-DI) devices running StarOS prior to N4.2.7 (19.3.v7) and N4.7 (20.2.v0) with SSH configured are vulnerable. Cisco Bug IDs: CSCva65853."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "Privilege Escalation Vulnerability CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "96913",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96913"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr"
},
{
"name": "1038050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038050"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco StarOS",
"version": {
"version_data": [
{
"version_value": "Cisco StarOS"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP. The following products have been confirmed to be vulnerable: Cisco ASR 5000/5500/5700 Series devices running StarOS after 17.7.0 and prior to 18.7.4, 19.5, and 20.2.3 with SSH configured are vulnerable. Cisco Virtualized Packet Core - Single Instance (VPC-SI) and Distributed Instance (VPC-DI) devices running StarOS prior to N4.2.7 (19.3.v7) and N4.7 (20.2.v0) with SSH configured are vulnerable. Cisco Bug IDs: CSCva65853."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation Vulnerability CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96913",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96913"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr"
},
{
"name": "1038050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038050"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-3819",
"datePublished": "2017-03-15T20:00:00",
"dateReserved": "2016-12-21T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-6466
Vulnerability from cvelistv5
Published
2016-11-19 02:45
Modified
2024-08-06 01:29
Severity ?
EPSS score ?
Summary
A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1037308 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/94361 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco StarOS 20.0.0 through 21.0.M0.64246 |
Version: Cisco StarOS 20.0.0 through 21.0.M0.64246 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:29:20.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr"
},
{
"name": "1037308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037308"
},
{
"name": "94361",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94361"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco StarOS 20.0.0 through 21.0.M0.64246",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco StarOS 20.0.0 through 21.0.M0.64246"
}
]
}
],
"datePublic": "2016-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "unspecified",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr"
},
{
"name": "1037308",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037308"
},
{
"name": "94361",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94361"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6466",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco StarOS 20.0.0 through 21.0.M0.64246",
"version": {
"version_data": [
{
"version_value": "Cisco StarOS 20.0.0 through 21.0.M0.64246"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series routers, Cisco Virtualized Packet Core (VPC). More Information: CSCva13631. Known Affected Releases: 20.0.0 20.1.0 20.2.0 20.2.3 20.2.v1 21.0.0 21.0.M0.64246. Known Fixed Releases: 20.2.3 20.2.3.65026 20.2.a4.65307 20.2.v1 20.2.v1.65353 20.3.M0.65037 20.3.T0.65043 21.0.0 21.0.0.65256 21.0.M0.64595 21.0.M0.64860 21.0.M0.65140 21.0.V0.65052 21.0.V0.65150 21.0.V0.65366 21.0.VC0.64639 21.1.A0.64861 21.1.A0.65145 21.1.PP0.65270 21.1.R0.65130 21.1.R0.65135 21.1.R0.65154 21.1.VC0.64898 21.1.VC0.65203 21.2.A0.65147."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161116-asr"
},
{
"name": "1037308",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037308"
},
{
"name": "94361",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94361"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-6466",
"datePublished": "2016-11-19T02:45:00",
"dateReserved": "2016-07-26T00:00:00",
"dateUpdated": "2024-08-06T01:29:20.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1539
Vulnerability from cvelistv5
Published
2021-06-04 16:45
Modified
2024-11-07 22:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco ASR 5000 Series Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:11:17.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1539",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:41:43.467282Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:09:26.621Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco ASR 5000 Series Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-06-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-04T16:45:58",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
],
"source": {
"advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
"defect": [
[
"CSCvu85001",
"CSCvv33622"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-06-02T16:00:00",
"ID": "CVE-2021-1539",
"STATE": "PUBLIC",
"TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco ASR 5000 Series Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
}
]
},
"source": {
"advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
"defect": [
[
"CSCvu85001",
"CSCvv33622"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1539",
"datePublished": "2021-06-04T16:45:58.314042Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:09:26.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}