Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Staros
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 25 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-04-16 | CVE-2025-32433 | Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A... | Cloud_native_broadband_network_gateway, Confd_basic, Enterprise_nfv_infrastructure_software, Inode_manager, Ncs_2000_shelf_virtualization_orchestrator_firmware, Network_services_orchestrator, Optical_site_manager, Rv160_firmware, Rv160w_firmware, Rv260_firmware, Rv260p_firmware, Rv260w_firmware, Rv340_firmware, Rv340w_firmware, Rv345_firmware, Rv345p_firmware, Smart_phy, Staros, Ultra_cloud_core, Ultra_packet_core, Ultra_services_platform, Erlang\/otp | N/A | ||
| 2020-06-18 | CVE-2020-3244 | A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker... | Staros | 5.3 | ||
| 2020-08-17 | CVE-2020-3500 | A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to... | Staros | 8.6 | ||
| 2020-10-08 | CVE-2020-3602 | A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this... | Staros | 6.7 | ||
| 2020-10-08 | CVE-2020-3601 | A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker... | Staros | 6.7 |