Vulnerabilities > Cisco > Staros > 21.3.0.67664

DATE CVE VULNERABILITY TITLE RISK
2018-03-08 CVE-2018-0224 OS Command Injection vulnerability in Cisco Staros 21.3.0.67664/21.5.0
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system.
local
low complexity
cisco CWE-78
7.2
7.2
2018-02-08 CVE-2018-0122 OS Command Injection vulnerability in Cisco Staros 21.3.0.67664
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system.
local
low complexity
cisco CWE-78
6.6
6.6