This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Cisco First view 2013-08-05
Product Staros Last view 2020-10-08
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:cisco:staros:14.0:*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:18.1.0.59776:*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:21.0_m0.64246:*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:21.0_m0.64702:*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:21.0.0:*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:21.3.0.67664:*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:21.4.0:*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:12.2(300):*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:14.0(600):*:*:*:*:*:*:* 9
cpe:2.3:o:cisco:staros:12.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:11.0_base:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:12.0.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:12.1_base:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:12.2_base:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:14.0.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:15.0_base:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:16.0.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:16.1.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:16.1.1:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:16.1.2:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:17.2.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:17.2.0.59184:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.1_base:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.1.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.1.0.59780:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.0.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.0.l0.59219:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.0.0.59167:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.0.0.59211:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.0.0.57828:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.0.m0.60737:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.0.m0.60828:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.0.m0.61045:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.0.1:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.1.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.1.0.61559:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.2.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:16.5.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:16.5.2:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:17.7.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:18.4.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:19.3.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.2.3:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.2.v1:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.2.3.65026:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.m0.62842:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.v0:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.m0.63229:*:*:*:*:*:*:* 8
cpe:2.3:o:cisco:staros:20.0.1.0:*:*:*:*:*:*:* 8

Related : CVE

  Date Alert Description
6.7 2020-10-08 CVE-2020-3602

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.

6.7 2020-10-08 CVE-2020-3601

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.

8.6 2020-08-17 CVE-2020-3500

A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.

5.3 2020-06-18 CVE-2020-3244

A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption.

5.9 2020-01-26 CVE-2019-16026

A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.

7.5 2019-06-19 CVE-2019-1869

A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.

8.6 2018-07-16 CVE-2018-0369

A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances of the npusim process running per Service Function (SF) instance, each handling a subset of all traffic flowing across the device. It is possible to trigger a reload of all four instances of the npusim process around the same time. The vulnerability is due to improper handling of fragmented IPv4 packets containing options. An attacker could exploit this vulnerability by sending a malicious IPv4 packet across an affected device. An exploit could allow the attacker to trigger a restart of the npusim process, which will result in all traffic queued toward this instance of the npusim process to be dropped while the process is restarting. The npusim process typically restarts within less than a second. This vulnerability affects: Cisco Virtualized Packet Core-Single Instance (VPC-SI), Cisco Virtualized Packet Core-Distributed Instance (VPC-DI), Cisco Ultra Packet Core (UPC). Cisco Bug IDs: CSCvh29613.

5.3 2018-04-19 CVE-2018-0273

A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of corrupted Internet Key Exchange Version 2 (IKEv2) messages. An attacker could exploit this vulnerability by sending crafted IKEv2 messages toward an affected router. A successful exploit could allow the attacker to cause the ipsecmgr service to reload. A reload of this service could cause all IPsec VPN tunnels to be terminated and prevent new tunnels from being established until the service has restarted, resulting in a DoS condition. This vulnerability affects the following Cisco products when they are running Cisco StarOS: Cisco Aggregation Services Router (ASR) 5000 Series Routers, Virtualized Packet Core (VPC) System Software. Cisco Bug IDs: CSCve29605.

7.5 2018-04-19 CVE-2018-0239

A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. The device may need to be manually reloaded to clear this Interface Forwarding Denial of Service condition. The vulnerability is due to the failure to properly check that the length of a packet to transmit does not exceed the maximum supported length of the network interface card (NIC). An attacker could exploit this vulnerability by sending a crafted IP packet or a series of crafted IP fragments through an interface on the targeted device. A successful exploit could allow the attacker to cause the network interface to cease forwarding packets. This vulnerability could be triggered by either IPv4 or IPv6 network traffic. This vulnerability affects the following Cisco products when they are running the StarOS operating system and a virtual interface card is installed on the device: Aggregation Services Router (ASR) 5700 Series, Virtualized Packet Core-Distributed Instance (VPC-DI) System Software, Virtualized Packet Core-Single Instance (VPC-SI) System Software. Cisco Bug IDs: CSCvf32385.

6.7 2018-03-08 CVE-2018-0224

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by authenticating to an affected system and injecting malicious arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. Cisco Bug IDs: CSCvg38807.

4.4 2018-02-08 CVE-2018-0122

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335.

6.7 2018-01-18 CVE-2018-0115

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected host operating system. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting malicious command arguments into a vulnerable CLI command. A successful exploit could allow the attacker to execute arbitrary commands with root privileges. To exploit this vulnerability, the attacker would need to authenticate to the affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93332.

8.2 2017-07-05 CVE-2017-6707

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco ASR 5000 Series 11.0 through 21.0, 5500 Series, and 5700 Series devices and Cisco Virtualized Packet Core (VPC) Software could allow an authenticated, local attacker to break from the StarOS CLI of an affected system and execute arbitrary shell commands as a Linux root user on the system, aka Command Injection. The vulnerability exists because the affected operating system does not sufficiently sanitize commands before inserting them into Linux shell commands. An attacker could exploit this vulnerability by submitting a crafted CLI command for execution in a Linux shell command as a root user. Cisco Bug IDs: CSCvc69329, CSCvc72930.

5.8 2017-07-03 CVE-2017-3865

A vulnerability in the IPsec component of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. Affected Products: ASR 5000 Series Routers, Virtualized Packet Core (VPC) Software. More Information: CSCvc21129. Known Affected Releases: 21.1.0 21.1.M0.65601 21.1.v0. Known Fixed Releases: 21.2.A0.65754 21.1.b0.66164 21.1.V0.66014 21.1.R0.65759 21.1.M0.65749 21.1.0.66030 21.1.0.

5 2015-05-01 CVE-2015-0712

The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and 14.0(600) on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and packet loss) via malformed HTTP packets, aka Bug ID CSCud14217.

5 2015-04-28 CVE-2015-0711

The hamgr service in the IPv6 Proxy Mobile (PM) implementation in Cisco StarOS 18.1.0.59776 on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and call-processing outage) via malformed PM packets, aka Bug ID CSCut94711.

5.8 2013-08-05 CVE-2013-0149

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795.

CWE : Common Weakness Enumeration

%idName
46% (6) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
23% (3) CWE-20 Improper Input Validation
15% (2) CWE-399 Resource Management Errors
7% (1) CWE-770 Allocation of Resources Without Limits or Throttling
7% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:25963 SUSE-SU-2014:0879-1 -- Security update for quagga

Information Assurance Vulnerability Management (IAVM)

id Description
2014-B-0113 Cisco NX-OS Software Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0053881
2013-A-0195 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0040781
2013-B-0086 Cisco StarOS Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0040039
2013-A-0157 Cisco ASA and Pix Firewall Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0040041
2013-A-0159 Cisco IOS XE Remote Security Bypass Vulnerability
Severity: Category I - VMSKEY: V0040042

Nessus® Vulnerability Scanner

id Description
2018-04-27 Name: The remote device is affected by a denial of service vulnerability.
File: cisco-sa-20180418-staros.nasl - Type: ACT_GATHER_INFO
2018-04-27 Name: The remote device is affected by a denial of service vulnerability.
File: cisco-sa-20180418-starosasr.nasl - Type: ACT_GATHER_INFO
2018-03-02 Name: The remote device is affected by multiple command injection vulnerabilities.
File: cisco-sa-20180117-staros.nasl - Type: ACT_GATHER_INFO
2017-08-04 Name: The remote device is affected by a denial of service vulnerability.
File: cisco-sa-20170621-asr.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote device is affected by a privilege escalation vulnerability.
File: cisco-sa-20170705-asrcmd.nasl - Type: ACT_GATHER_INFO
2013-09-20 Name: The remote SuSE 11 host is missing a security update.
File: suse_11_quagga-130822.nasl - Type: ACT_GATHER_INFO
2013-08-16 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20130801-lsaospf-asa.nasl - Type: ACT_GATHER_INFO
2013-08-16 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20130801-lsaospf-ios.nasl - Type: ACT_GATHER_INFO
2013-08-16 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20130801-lsaospf-iosxe.nasl - Type: ACT_GATHER_INFO
2013-08-16 Name: The remote device is missing a vendor-supplied security patch.
File: cisco-sa-20130801-lsaospf-nxos.nasl - Type: ACT_GATHER_INFO
2013-08-02 Name: The remote device is missing a vendor-supplied security patch.
File: juniper_jsa10582.nasl - Type: ACT_GATHER_INFO