Vulnerabilities > Cisco > Staros > 21.17.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-09 | CVE-2023-20046 | Insufficiently Protected Credentials vulnerability in Cisco Staros A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. | 8.8 |
| 2022-04-06 | CVE-2022-20665 | Command Injection vulnerability in Cisco Staros A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2021-06-04 | CVE-2021-1539 | Unspecified vulnerability in Cisco Staros Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. | 8.8 |
| 2021-06-04 | CVE-2021-1540 | Unspecified vulnerability in Cisco Staros Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. | 7.2 |
| 2021-02-17 | CVE-2021-1378 | Unspecified vulnerability in Cisco Staros A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. | 7.5 |
| 2021-01-20 | CVE-2021-1353 | Unspecified vulnerability in Cisco Staros A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
| 2021-01-13 | CVE-2021-1145 | Link Following vulnerability in Cisco Staros A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. | 6.5 |
| 2020-10-08 | CVE-2020-3602 | OS Command Injection vulnerability in Cisco Staros A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2020-10-08 | CVE-2020-3601 | OS Command Injection vulnerability in Cisco Staros A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
| 2020-08-17 | CVE-2020-3500 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Staros A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |