Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
staros vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv2
CVE-2016-1335
The SSH implementation in Cisco StarOS prior to 19.3.M0.62771 and 20.x prior to 20.0.M0.62768 on ASR 5000 devices mishandles a multi-user public-key authentication configuration, which allows remote authenticated users to gain privileges by establishing a connection from an endpo...
Cisco Asr 5000 Series Software 20.0.0
Cisco Asr 5000 Series Software 16.5.2
Cisco Asr 5000 Series Software 19.3.0
Cisco Asr 5000 Series Software 19.0.1
Cisco Asr 5000 Series Software 18.4.0
Cisco Asr 5000 Series Software 17.7.0
NA
CVE-2021-1424
A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2...
7.8
CVSSv2
CVE-2020-3500
A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exp...
Cisco Staros
5
CVSSv2
CVE-2021-1353
A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker coul...
Cisco Staros
Cisco Virtualized Packet Core-single Instance -
NA
CVE-2020-3324
A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit t...
5
CVSSv2
CVE-2017-6729
A vulnerability in the Border Gateway Protocol (BGP) processing functionality of the Cisco StarOS operating system for Cisco ASR 5000 Series Routers and Cisco Virtualized Packet Core (VPC) Software could allow an unauthenticated, remote malicious user to cause the BGP process on ...
Cisco Asr 5000 Software 16.5.0
Cisco Asr 5000 Software 17.2.0
Cisco Asr 5000 Software 17.3.0
Cisco Asr 5000 Software 17.3.1
Cisco Asr 5000 Software 17.3.9.62033
Cisco Asr 5000 Software 17.3 Base
Cisco Asr 5000 Software 18.4.0
Cisco Asr 5000 Software 19.0.1
Cisco Asr 5000 Software 19.0.m0.60737
Cisco Asr 5000 Software 19.0.m0.60828
Cisco Asr 5000 Software 20.0.2.3.65026
Cisco Asr 5000 Software 20.0.2.v1
Cisco Asr 5000 Software 20.0.m0.62842
Cisco Asr 5000 Software 20.0.m0.63229
Cisco Asr 5000 Software 20.0.v0
Cisco Asr 5000 Software 16.4.1
Cisco Asr 5000 Software 18.0.0.59167
Cisco Asr 5000 Software 18.0.0.59211
Cisco Asr 5000 Software 18.0.l0.59219
Cisco Asr 5000 Software 18.1.0
Cisco Asr 5000 Software 18.1.0.59776
Cisco Asr 5000 Software 19.3.0
5
CVSSv2
CVE-2020-3244
A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote malicious user to bypass the traffic classification rules on an affected device. The vulnerability is due to insuffici...
Cisco Staros
9.3
CVSSv2
CVE-2020-11896
The Treck TCP/IP stack prior to 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
Treck Tcp\\/ip
3 Github repositories
1 Article
10
CVSSv2
CVE-2020-11897
The Treck TCP/IP stack prior to 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets.
Treck Tcp\\/ip
1 Github repository
1 Article
6.4
CVSSv2
CVE-2020-11898
The Treck TCP/IP stack prior to 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote malicious users to trigger an information leak.
Treck Tcp\\/ip
1 Github repository
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »