Vulnerabilities > Cisco > Staros > 21.4.0

DATE CVE VULNERABILITY TITLE RISK
2020-01-26 CVE-2019-16026 Improper Input Validation vulnerability in Cisco Staros
A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device.
network
high complexity
cisco CWE-20
5.9
2018-07-16 CVE-2018-0369 Improper Input Validation vulnerability in Cisco Staros
A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
8.6
2018-04-19 CVE-2018-0273 Unspecified vulnerability in Cisco Staros
A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition.
network
low complexity
cisco
5.3
2018-04-19 CVE-2018-0239 Allocation of Resources Without Limits or Throttling vulnerability in Cisco Staros
A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets.
network
low complexity
cisco CWE-770
7.5