Vulnerabilities > Cisco > Staros > 21.20.9

DATE CVE VULNERABILITY TITLE RISK
2023-05-09 CVE-2023-20046 Insufficiently Protected Credentials vulnerability in Cisco Staros
A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials.
network
low complexity
cisco CWE-522
8.8
8.8
2022-04-06 CVE-2022-20665 Command Injection vulnerability in Cisco Staros
A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device.
local
low complexity
cisco CWE-77
6.7
6.7
2021-01-20 CVE-2021-1353 Unspecified vulnerability in Cisco Staros
A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco
8.6
8.6