Vulnerabilities > Cisco > ASR 5000 Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-03-08 CVE-2018-0217 OS Command Injection vulnerability in Cisco products
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system.
local
low complexity
cisco CWE-78
6.7
2018-02-08 CVE-2018-0117 Improper Input Validation vulnerability in Cisco ASR 5000 Firmware and ASR 5500 Firmware
A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
8.6