Vulnerabilities > Cisco > ASR 5000 Software
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-17 | CVE-2017-6775 | Unspecified vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. | 4.6 |
| 2017-08-17 | CVE-2017-6774 | Files or Directories Accessible to External Parties vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files. | 4.0 |
| 2017-08-17 | CVE-2017-6773 | Improper Input Validation vulnerability in Cisco ASR 5000 Software 21.0.V0.65839 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. | 4.6 |
| 2017-07-10 | CVE-2017-6729 | Unspecified vulnerability in Cisco ASR 5000 Software A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote attacker to cause the BGP process on an affected system to reload, resulting in a denial of service (DoS) condition. | 5.0 |
| 2017-06-13 | CVE-2017-6690 | Improper Input Validation vulnerability in Cisco ASR 5000 Software 21.0.V0.65839/21.3.M0.67005 A vulnerability in the file check operation of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify arbitrary files on an affected system. | 4.0 |
| 2016-11-03 | CVE-2016-6455 | Resource Management Errors vulnerability in Cisco ASR 5000 Software A vulnerability in the Slowpath of StarOS for Cisco ASR 5500 Series routers with Data Processing Card 2 (DPC2) could allow an unauthenticated, remote attacker to cause a subset of the subscriber sessions to be disconnected, resulting in a partial denial of service (DoS) condition. | 5.0 |
| 2016-07-15 | CVE-2016-1452 | Information Exposure vulnerability in Cisco ASR 5000 and ASR 5000 Software Cisco ASR 5000 devices with software 18.3 through 20.0.0 allow remote attackers to make configuration changes over SNMP by leveraging knowledge of the read-write community, aka Bug ID CSCuz29526. | 6.4 |
| 2016-06-23 | CVE-2016-1436 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco ASR 5000 Software The General Packet Radio Switching Tunneling Protocol 1 (aka GTPv1) implementation on Cisco ASR 5000 Packet Data Network Gateway devices before 19.4 allows remote attackers to cause a denial of service (Session Manager process restart) via a crafted GTPv1 packet, aka Bug ID CSCuz46198. | 5.0 |
| 2015-10-30 | CVE-2015-6351 | Improper Input Validation vulnerability in Cisco ASR 5000 Software 19.1.0.61559/19.2.0 Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19.2.0 allow remote attackers to cause a denial of service (BGP process restart) via a crafted header in a BGP packet, aka Bug ID CSCuw65781. | 5.0 |
| 2015-10-27 | CVE-2015-6340 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco ASR 5000 Software 19.0.M0.60737 The Proxy Mobile IPv6 (PMIPv6) component in the CDMA implementation on Cisco ASR 5000 devices with software 19.0.M0.60737 allows remote attackers to cause a denial of service (hamgr process restart) via a crafted header in a PMIPv6 packet, aka Bug ID CSCuv63280. | 5.0 |