Search

Find a vulnerability

Search criteria

    30 vulnerabilities found for Cisco ASR 5000 Series Software by Cisco

    CVE-2021-1424 (GCVE-0-2021-1424)

    Vulnerability from nvd – Published: 2024-11-18 15:35 – Updated: 2024-11-18 16:18
    VLAI
    Title
    Cisco ASR 5000 Series Software (StarOS) ipsecmgr Process Denial of Service Vulnerability
    Summary
    A vulnerability in the ipsecmgr process of Cisco ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: 21.15.7
    Affected: 21.13.10
    Affected: 21.14.1
    Affected: 21.11.5
    Affected: 21.13.8
    Affected: 21.14.5
    Affected: 21.12.8
    Affected: 21.13.11
    Affected: 21.11.8
    Affected: 21.12.9
    Affected: 21.15.5
    Affected: 21.11.7
    Affected: 21.13.5
    Affected: 21.12.0
    Affected: 21.15.2
    Affected: 21.11.6
    Affected: 21.14.2
    Affected: 21.12.3
    Affected: 21.15.0
    Affected: 21.11.2
    Affected: 21.13.7
    Affected: 21.12.4
    Affected: 21.12.12
    Affected: 21.13.4
    Affected: 21.12.5
    Affected: 21.14.a0
    Affected: 21.11.9
    Affected: 21.14.0
    Affected: 21.11.4
    Affected: 21.12.7
    Affected: 21.14.3
    Affected: 21.12.2
    Affected: 21.14.10
    Affected: 21.15.4
    Affected: 21.14.6
    Affected: 21.15.3
    Affected: 21.13.13
    Affected: 21.12.11
    Affected: 21.12.10
    Affected: 21.14.9
    Affected: 21.11.1
    Affected: 21.14.7
    Affected: 21.11.3
    Affected: 21.13.3
    Affected: 21.13.2
    Affected: 21.13.14
    Affected: 21.12.1
    Affected: 21.13.6
    Affected: 21.13.12
    Affected: 21.15.8
    Affected: 21.13.1
    Affected: 21.15.1
    Affected: 21.15.6
    Affected: 21.13.9
    Affected: 21.14.4
    Affected: 21.13.0
    Affected: 21.12.6
    Affected: 21.14.8
    Affected: 21.11.0
    Affected: 21.15.15
    Affected: 21.14.11
    Affected: 21.17.2
    Affected: 21.15.13
    Affected: 21.15.12
    Affected: 21.14.b15
    Affected: 21.17.0
    Affected: 21.15.10
    Affected: 21.13.16
    Affected: 21.14.12
    Affected: 21.15.20
    Affected: 21.11.10
    Affected: 21.15.18
    Affected: 21.15.14
    Affected: 21.13.15
    Affected: 21.15.21
    Affected: 21.15.17
    Affected: 21.17.1
    Affected: 21.14.b14
    Affected: 21.12.13
    Affected: 21.12.14
    Affected: 21.15.19
    Affected: 21.15.11
    Affected: 21.15.22
    Affected: 21.17.3
    Affected: 21.14.b13
    Affected: 21.15.16
    Affected: 21.14.b12
    Affected: 21.16.2
    Affected: 21.14.16
    Affected: 21.14.b17
    Affected: 21.15.24
    Affected: 21.16.c9
    Affected: 21.15.25
    Affected: 21.15.26
    Affected: 21.16.d0
    Affected: 21.17.4
    Affected: 21.15.27
    Affected: 21.13.17
    Affected: 21.18.0
    Affected: 21.15.28
    Affected: 21.14.17
    Affected: 21.16.d1
    Affected: 21.18.1
    Affected: 21.16.3
    Affected: 21.14.b18
    Affected: 21.16.c10
    Affected: 21.11.11
    Affected: 21.15.29
    Affected: 21.15.30
    Affected: 21.13.18
    Affected: 21.12.16
    Affected: 21.17.5
    Affected: 21.16.c11
    Affected: 21.15.32
    Affected: 21.13.19
    Affected: 21.15.33
    Affected: 21.11.12
    Affected: 21.19.0
    Affected: 21.18.2
    Affected: 21.14.19
    Affected: 21.19.1
    Affected: 21.17.6
    Affected: 21.11.13
    Affected: 21.12.17
    Affected: 21.15.36
    Affected: 21.18.3
    Affected: 21.14.b19
    Affected: 21.19.2
    Affected: 21.15.37
    Affected: 21.17.7
    Affected: 21.14.20
    Affected: 21.16.c12
    Affected: 21.18.4
    Affected: 21.19.3
    Affected: 21.13.20
    Affected: 21.15.40
    Affected: 21.14.b20
    Affected: 21.16.4
    Affected: 21.18.5
    Affected: 21.14.b21
    Affected: 21.16.c13
    Affected: 21.11.14
    Affected: 21.12.18
    Affected: 21.20.SV1
    Affected: 21.20.0
    Affected: 21.15.41
    Affected: 21.20.SV2
    Affected: 21.17.8
    Affected: 21.20.1
    Affected: 21.20.SV3
    Affected: 21.16.5
    Affected: 21.20.SV5
    Affected: 21.15.43
    Affected: 21.19.4
    Affected: 21.18.6
    Affected: 21.15.45
    Affected: 21.20.2
    Affected: 21.16.c14
    Affected: 21.17.9
    Affected: 21.11.15
    Affected: 21.14.22
    Affected: 21.20.3
    Affected: 21.15.46
    Affected: 21.18.7
    Affected: 21.19.n3
    Affected: 21.15.47
    Affected: 21.15.48
    Affected: 21.19.5
    Affected: 21.17.10
    Affected: 21.18.8
    Affected: 21.16.6
    Affected: 21.12.19
    Affected: 21.13.21
    Affected: 21.20.4
    Affected: 21.18.9
    Affected: 21.19.n4
    Affected: 21.17.11
    Affected: 21.18.11
    Affected: 21.19.6
    Affected: 21.16.c15
    Affected: 21.16.7
    Affected: 21.17.12
    Affected: 21.21.0
    Affected: 21.17.13
    Affected: 21.11.16
    Affected: 21.12.20
    Affected: 21.18.12
    Affected: 21.12.21
    Affected: 21.14.b22
    Affected: 21.19.7
    Affected: 21.20.6
    Affected: 21.18.13
    Affected: 21.19.n5
    Affected: 21.18.14
    Affected: 21.20.7
    Affected: 21.11.17
    Affected: 21.17.14
    Affected: 21.19.8
    Affected: 21.20.8
    Affected: 21.19.9
    Affected: 21.17.15
    Affected: 21.20.9
    Affected: 21.18.15
    Affected: 21.15.51
    Affected: 21.14.23
    Affected: 21.19.10
    Affected: 21.20.k6
    Affected: 21.11.18
    Affected: 21.19.n6
    Affected: 21.16.8
    Affected: 21.15.52
    Affected: 21.17.16
    Affected: 21.20.10
    Affected: 21.15.53
    Affected: 21.11.19
    Affected: 21.20.k7
    Affected: 21.15.54
    Affected: 21.20.11
    Affected: 21.20.u8
    Affected: 21.21.1
    Affected: 21.17.17
    Affected: 21.15.55
    Create a notification for this product.
    cisco asr_5000_series_software Affected: 21.15.7
    Affected: 21.13.10
    Affected: 21.14.1
    Affected: 21.11.5
    Affected: 21.13.8
    Affected: 21.14.5
    Affected: 21.12.8
    Affected: 21.13.11
    Affected: 21.11.8
    Affected: 21.12.9
    Affected: 21.15.5
    Affected: 21.11.7
    Affected: 21.13.5
    Affected: 21.12.0
    Affected: 21.15.2
    Affected: 21.11.6
    Affected: 21.14.2
    Affected: 21.12.3
    Affected: 21.15.0
    Affected: 21.11.2
    Affected: 21.13.7
    Affected: 21.12.4
    Affected: 21.12.12
    Affected: 21.13.4
    Affected: 21.12.5
    Affected: 21.14.a0
    Affected: 21.11.9
    Affected: 21.14.0
    Affected: 21.11.4
    Affected: 21.12.7
    Affected: 21.14.3
    Affected: 21.12.2
    Affected: 21.14.10
    Affected: 21.15.4
    Affected: 21.14.6
    Affected: 21.15.3
    Affected: 21.13.13
    Affected: 21.12.11
    Affected: 21.12.10
    Affected: 21.14.9
    Affected: 21.11.1
    Affected: 21.14.7
    Affected: 21.11.3
    Affected: 21.13.3
    Affected: 21.13.2
    Affected: 21.13.14
    Affected: 21.12.1
    Affected: 21.13.6
    Affected: 21.13.12
    Affected: 21.15.8
    Affected: 21.13.1
    Affected: 21.15.1
    Affected: 21.15.6
    Affected: 21.13.9
    Affected: 21.14.4
    Affected: 21.13.0
    Affected: 21.12.6
    Affected: 21.14.8
    Affected: 21.11.0
    Affected: 21.15.15
    Affected: 21.14.11
    Affected: 21.17.2
    Affected: 21.15.13
    Affected: 21.15.12
    Affected: 21.14.b15
    Affected: 21.17.0
    Affected: 21.15.10
    Affected: 21.13.16
    Affected: 21.14.12
    Affected: 21.15.20
    Affected: 21.11.10
    Affected: 21.15.18
    Affected: 21.15.14
    Affected: 21.13.15
    Affected: 21.15.21
    Affected: 21.15.17
    Affected: 21.17.1
    Affected: 21.14.b14
    Affected: 21.12.13
    Affected: 21.12.14
    Affected: 21.15.19
    Affected: 21.15.11
    Affected: 21.15.22
    Affected: 21.17.3
    Affected: 21.14.b13
    Affected: 21.15.16
    Affected: 21.14.b12
    Affected: 21.16.2
    Affected: 21.14.16
    Affected: 21.14.b17
    Affected: 21.15.24
    Affected: 21.16.c9
    Affected: 21.15.25
    Affected: 21.15.26
    Affected: 21.16.d0
    Affected: 21.17.4
    Affected: 21.15.27
    Affected: 21.13.17
    Affected: 21.18.0
    Affected: 21.15.28
    Affected: 21.14.17
    Affected: 21.16.d1
    Affected: 21.18.1
    Affected: 21.16.3
    Affected: 21.14.b18
    Affected: 21.16.c10
    Affected: 21.11.11
    Affected: 21.15.29
    Affected: 21.15.30
    Affected: 21.13.18
    Affected: 21.12.16
    Affected: 21.17.5
    Affected: 21.16.c11
    Affected: 21.15.32
    Affected: 21.13.19
    Affected: 21.15.33
    Affected: 21.11.12
    Affected: 21.19.0
    Affected: 21.18.2
    Affected: 21.14.19
    Affected: 21.19.1
    Affected: 21.17.6
    Affected: 21.11.13
    Affected: 21.12.17
    Affected: 21.15.36
    Affected: 21.18.3
    Affected: 21.14.b19
    Affected: 21.19.2
    Affected: 21.15.37
    Affected: 21.17.7
    Affected: 21.14.20
    Affected: 21.16.c12
    Affected: 21.18.4
    Affected: 21.19.3
    Affected: 21.13.20
    Affected: 21.15.40
    Affected: 21.14.b20
    Affected: 21.16.4
    Affected: 21.18.5
    Affected: 21.14.b21
    Affected: 21.16.c13
    Affected: 21.11.14
    Affected: 21.12.18
    Affected: 21.20.sv1
    Affected: 21.20.0
    Affected: 21.15.41
    Affected: 21.20.sv2
    Affected: 21.17.8
    Affected: 21.20.1
    Affected: 21.20.sv3
    Affected: 21.16.5
    Affected: 21.20.sv5
    Affected: 21.15.43
    Affected: 21.19.4
    Affected: 21.18.6
    Affected: 21.15.45
    Affected: 21.20.2
    Affected: 21.16.c14
    Affected: 21.17.9
    Affected: 21.11.15
    Affected: 21.14.22
    Affected: 21.20.3
    Affected: 21.15.46
    Affected: 21.18.7
    Affected: 21.19.n3
    Affected: 21.15.47
    Affected: 21.15.48
    Affected: 21.19.5
    Affected: 21.17.10
    Affected: 21.18.8
    Affected: 21.16.6
    Affected: 21.12.19
    Affected: 21.13.21
    Affected: 21.20.4
    Affected: 21.18.9
    Affected: 21.19.n4
    Affected: 21.17.11
    Affected: 21.18.11
    Affected: 21.19.6
    Affected: 21.16.c15
    Affected: 21.16.7
    Affected: 21.17.12
    Affected: 21.21.0
    Affected: 21.17.13
    Affected: 21.11.16
    Affected: 21.12.20
    Affected: 21.18.12
    Affected: 21.12.21
    Affected: 21.14.b22
    Affected: 21.19.7
    Affected: 21.20.6
    Affected: 21.18.13
    Affected: 21.19.n5
    Affected: 21.18.14
    Affected: 21.20.7
    Affected: 21.11.17
    Affected: 21.17.14
    Affected: 21.19.8
    Affected: 21.20.8
    Affected: 21.19.9
    Affected: 21.17.15
    Affected: 21.20.9
    Affected: 21.18.15
    Affected: 21.15.51
    Affected: 21.14.23
    Affected: 21.19.10
    Affected: 21.20.k6
    Affected: 21.11.18
    Affected: 21.19.n6
    Affected: 21.16.8
    Affected: 21.15.52
    Affected: 21.17.16
    Affected: 21.20.10
    Affected: 21.15.53
    Affected: 21.11.19
    Affected: 21.20.k7
    Affected: 21.15.54
    Affected: 21.20.11
    Affected: 21.20.u8
    Affected: 21.21.1
    Affected: 21.17.17
    Affected: 21.15.55
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.a0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.22:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.24:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.25:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.26:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.d0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.27:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.28:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.d1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.29:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.30:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.32:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.33:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.36:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.37:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.40:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.41:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.43:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.45:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.22:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.46:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.47:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.48:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.21.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b22:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.51:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.23:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.k6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.52:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.53:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.k7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.54:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.u8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.21.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.55:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.a0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.22:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.24:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.25:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.26:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.d0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.27:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.28:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.d1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.29:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.30:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.32:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.33:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.36:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.37:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.40:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.41:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.43:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.45:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.22:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.46:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.47:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.48:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.21.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b22:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.51:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.23:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.k6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.52:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.53:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.k7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.54:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.u8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.21.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.55:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "asr_5000_series_software",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "21.15.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.a0"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b15"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.21"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b14"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.22"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b13"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b12"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b17"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.24"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c9"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.25"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.26"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.d0"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.27"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.28"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.d1"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b18"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c10"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.29"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.30"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c11"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.32"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.33"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.36"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b19"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.37"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c12"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.40"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b20"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b21"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c13"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv1"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.41"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv2"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv3"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv5"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.43"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.45"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c14"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.22"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.46"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n3"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.47"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.48"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.21"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n4"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c15"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.21.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.21"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b22"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n5"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.51"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.23"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.k6"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n6"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.52"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.53"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.k7"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.54"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.u8"
                  },
                  {
                    "status": "affected",
                    "version": "21.21.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.55"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1424",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T15:57:49.747227Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T16:18:16.475Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.15.7"
                },
                {
                  "status": "affected",
                  "version": "21.13.10"
                },
                {
                  "status": "affected",
                  "version": "21.14.1"
                },
                {
                  "status": "affected",
                  "version": "21.11.5"
                },
                {
                  "status": "affected",
                  "version": "21.13.8"
                },
                {
                  "status": "affected",
                  "version": "21.14.5"
                },
                {
                  "status": "affected",
                  "version": "21.12.8"
                },
                {
                  "status": "affected",
                  "version": "21.13.11"
                },
                {
                  "status": "affected",
                  "version": "21.11.8"
                },
                {
                  "status": "affected",
                  "version": "21.12.9"
                },
                {
                  "status": "affected",
                  "version": "21.15.5"
                },
                {
                  "status": "affected",
                  "version": "21.11.7"
                },
                {
                  "status": "affected",
                  "version": "21.13.5"
                },
                {
                  "status": "affected",
                  "version": "21.12.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.2"
                },
                {
                  "status": "affected",
                  "version": "21.11.6"
                },
                {
                  "status": "affected",
                  "version": "21.14.2"
                },
                {
                  "status": "affected",
                  "version": "21.12.3"
                },
                {
                  "status": "affected",
                  "version": "21.15.0"
                },
                {
                  "status": "affected",
                  "version": "21.11.2"
                },
                {
                  "status": "affected",
                  "version": "21.13.7"
                },
                {
                  "status": "affected",
                  "version": "21.12.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.12"
                },
                {
                  "status": "affected",
                  "version": "21.13.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.5"
                },
                {
                  "status": "affected",
                  "version": "21.14.a0"
                },
                {
                  "status": "affected",
                  "version": "21.11.9"
                },
                {
                  "status": "affected",
                  "version": "21.14.0"
                },
                {
                  "status": "affected",
                  "version": "21.11.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.7"
                },
                {
                  "status": "affected",
                  "version": "21.14.3"
                },
                {
                  "status": "affected",
                  "version": "21.12.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.4"
                },
                {
                  "status": "affected",
                  "version": "21.14.6"
                },
                {
                  "status": "affected",
                  "version": "21.15.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.11"
                },
                {
                  "status": "affected",
                  "version": "21.12.10"
                },
                {
                  "status": "affected",
                  "version": "21.14.9"
                },
                {
                  "status": "affected",
                  "version": "21.11.1"
                },
                {
                  "status": "affected",
                  "version": "21.14.7"
                },
                {
                  "status": "affected",
                  "version": "21.11.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.2"
                },
                {
                  "status": "affected",
                  "version": "21.13.14"
                },
                {
                  "status": "affected",
                  "version": "21.12.1"
                },
                {
                  "status": "affected",
                  "version": "21.13.6"
                },
                {
                  "status": "affected",
                  "version": "21.13.12"
                },
                {
                  "status": "affected",
                  "version": "21.15.8"
                },
                {
                  "status": "affected",
                  "version": "21.13.1"
                },
                {
                  "status": "affected",
                  "version": "21.15.1"
                },
                {
                  "status": "affected",
                  "version": "21.15.6"
                },
                {
                  "status": "affected",
                  "version": "21.13.9"
                },
                {
                  "status": "affected",
                  "version": "21.14.4"
                },
                {
                  "status": "affected",
                  "version": "21.13.0"
                },
                {
                  "status": "affected",
                  "version": "21.12.6"
                },
                {
                  "status": "affected",
                  "version": "21.14.8"
                },
                {
                  "status": "affected",
                  "version": "21.11.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.15"
                },
                {
                  "status": "affected",
                  "version": "21.14.11"
                },
                {
                  "status": "affected",
                  "version": "21.17.2"
                },
                {
                  "status": "affected",
                  "version": "21.15.13"
                },
                {
                  "status": "affected",
                  "version": "21.15.12"
                },
                {
                  "status": "affected",
                  "version": "21.14.b15"
                },
                {
                  "status": "affected",
                  "version": "21.17.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.10"
                },
                {
                  "status": "affected",
                  "version": "21.13.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.12"
                },
                {
                  "status": "affected",
                  "version": "21.15.20"
                },
                {
                  "status": "affected",
                  "version": "21.11.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.18"
                },
                {
                  "status": "affected",
                  "version": "21.15.14"
                },
                {
                  "status": "affected",
                  "version": "21.13.15"
                },
                {
                  "status": "affected",
                  "version": "21.15.21"
                },
                {
                  "status": "affected",
                  "version": "21.15.17"
                },
                {
                  "status": "affected",
                  "version": "21.17.1"
                },
                {
                  "status": "affected",
                  "version": "21.14.b14"
                },
                {
                  "status": "affected",
                  "version": "21.12.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.14"
                },
                {
                  "status": "affected",
                  "version": "21.15.19"
                },
                {
                  "status": "affected",
                  "version": "21.15.11"
                },
                {
                  "status": "affected",
                  "version": "21.15.22"
                },
                {
                  "status": "affected",
                  "version": "21.17.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.b13"
                },
                {
                  "status": "affected",
                  "version": "21.15.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.b12"
                },
                {
                  "status": "affected",
                  "version": "21.16.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.b17"
                },
                {
                  "status": "affected",
                  "version": "21.15.24"
                },
                {
                  "status": "affected",
                  "version": "21.16.c9"
                },
                {
                  "status": "affected",
                  "version": "21.15.25"
                },
                {
                  "status": "affected",
                  "version": "21.15.26"
                },
                {
                  "status": "affected",
                  "version": "21.16.d0"
                },
                {
                  "status": "affected",
                  "version": "21.17.4"
                },
                {
                  "status": "affected",
                  "version": "21.15.27"
                },
                {
                  "status": "affected",
                  "version": "21.13.17"
                },
                {
                  "status": "affected",
                  "version": "21.18.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.28"
                },
                {
                  "status": "affected",
                  "version": "21.14.17"
                },
                {
                  "status": "affected",
                  "version": "21.16.d1"
                },
                {
                  "status": "affected",
                  "version": "21.18.1"
                },
                {
                  "status": "affected",
                  "version": "21.16.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.b18"
                },
                {
                  "status": "affected",
                  "version": "21.16.c10"
                },
                {
                  "status": "affected",
                  "version": "21.11.11"
                },
                {
                  "status": "affected",
                  "version": "21.15.29"
                },
                {
                  "status": "affected",
                  "version": "21.15.30"
                },
                {
                  "status": "affected",
                  "version": "21.13.18"
                },
                {
                  "status": "affected",
                  "version": "21.12.16"
                },
                {
                  "status": "affected",
                  "version": "21.17.5"
                },
                {
                  "status": "affected",
                  "version": "21.16.c11"
                },
                {
                  "status": "affected",
                  "version": "21.15.32"
                },
                {
                  "status": "affected",
                  "version": "21.13.19"
                },
                {
                  "status": "affected",
                  "version": "21.15.33"
                },
                {
                  "status": "affected",
                  "version": "21.11.12"
                },
                {
                  "status": "affected",
                  "version": "21.19.0"
                },
                {
                  "status": "affected",
                  "version": "21.18.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.19"
                },
                {
                  "status": "affected",
                  "version": "21.19.1"
                },
                {
                  "status": "affected",
                  "version": "21.17.6"
                },
                {
                  "status": "affected",
                  "version": "21.11.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.17"
                },
                {
                  "status": "affected",
                  "version": "21.15.36"
                },
                {
                  "status": "affected",
                  "version": "21.18.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.b19"
                },
                {
                  "status": "affected",
                  "version": "21.19.2"
                },
                {
                  "status": "affected",
                  "version": "21.15.37"
                },
                {
                  "status": "affected",
                  "version": "21.17.7"
                },
                {
                  "status": "affected",
                  "version": "21.14.20"
                },
                {
                  "status": "affected",
                  "version": "21.16.c12"
                },
                {
                  "status": "affected",
                  "version": "21.18.4"
                },
                {
                  "status": "affected",
                  "version": "21.19.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.20"
                },
                {
                  "status": "affected",
                  "version": "21.15.40"
                },
                {
                  "status": "affected",
                  "version": "21.14.b20"
                },
                {
                  "status": "affected",
                  "version": "21.16.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.5"
                },
                {
                  "status": "affected",
                  "version": "21.14.b21"
                },
                {
                  "status": "affected",
                  "version": "21.16.c13"
                },
                {
                  "status": "affected",
                  "version": "21.11.14"
                },
                {
                  "status": "affected",
                  "version": "21.12.18"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV1"
                },
                {
                  "status": "affected",
                  "version": "21.20.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.41"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV2"
                },
                {
                  "status": "affected",
                  "version": "21.17.8"
                },
                {
                  "status": "affected",
                  "version": "21.20.1"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV3"
                },
                {
                  "status": "affected",
                  "version": "21.16.5"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV5"
                },
                {
                  "status": "affected",
                  "version": "21.15.43"
                },
                {
                  "status": "affected",
                  "version": "21.19.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.6"
                },
                {
                  "status": "affected",
                  "version": "21.15.45"
                },
                {
                  "status": "affected",
                  "version": "21.20.2"
                },
                {
                  "status": "affected",
                  "version": "21.16.c14"
                },
                {
                  "status": "affected",
                  "version": "21.17.9"
                },
                {
                  "status": "affected",
                  "version": "21.11.15"
                },
                {
                  "status": "affected",
                  "version": "21.14.22"
                },
                {
                  "status": "affected",
                  "version": "21.20.3"
                },
                {
                  "status": "affected",
                  "version": "21.15.46"
                },
                {
                  "status": "affected",
                  "version": "21.18.7"
                },
                {
                  "status": "affected",
                  "version": "21.19.n3"
                },
                {
                  "status": "affected",
                  "version": "21.15.47"
                },
                {
                  "status": "affected",
                  "version": "21.15.48"
                },
                {
                  "status": "affected",
                  "version": "21.19.5"
                },
                {
                  "status": "affected",
                  "version": "21.17.10"
                },
                {
                  "status": "affected",
                  "version": "21.18.8"
                },
                {
                  "status": "affected",
                  "version": "21.16.6"
                },
                {
                  "status": "affected",
                  "version": "21.12.19"
                },
                {
                  "status": "affected",
                  "version": "21.13.21"
                },
                {
                  "status": "affected",
                  "version": "21.20.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.9"
                },
                {
                  "status": "affected",
                  "version": "21.19.n4"
                },
                {
                  "status": "affected",
                  "version": "21.17.11"
                },
                {
                  "status": "affected",
                  "version": "21.18.11"
                },
                {
                  "status": "affected",
                  "version": "21.19.6"
                },
                {
                  "status": "affected",
                  "version": "21.16.c15"
                },
                {
                  "status": "affected",
                  "version": "21.16.7"
                },
                {
                  "status": "affected",
                  "version": "21.17.12"
                },
                {
                  "status": "affected",
                  "version": "21.21.0"
                },
                {
                  "status": "affected",
                  "version": "21.17.13"
                },
                {
                  "status": "affected",
                  "version": "21.11.16"
                },
                {
                  "status": "affected",
                  "version": "21.12.20"
                },
                {
                  "status": "affected",
                  "version": "21.18.12"
                },
                {
                  "status": "affected",
                  "version": "21.12.21"
                },
                {
                  "status": "affected",
                  "version": "21.14.b22"
                },
                {
                  "status": "affected",
                  "version": "21.19.7"
                },
                {
                  "status": "affected",
                  "version": "21.20.6"
                },
                {
                  "status": "affected",
                  "version": "21.18.13"
                },
                {
                  "status": "affected",
                  "version": "21.19.n5"
                },
                {
                  "status": "affected",
                  "version": "21.18.14"
                },
                {
                  "status": "affected",
                  "version": "21.20.7"
                },
                {
                  "status": "affected",
                  "version": "21.11.17"
                },
                {
                  "status": "affected",
                  "version": "21.17.14"
                },
                {
                  "status": "affected",
                  "version": "21.19.8"
                },
                {
                  "status": "affected",
                  "version": "21.20.8"
                },
                {
                  "status": "affected",
                  "version": "21.19.9"
                },
                {
                  "status": "affected",
                  "version": "21.17.15"
                },
                {
                  "status": "affected",
                  "version": "21.20.9"
                },
                {
                  "status": "affected",
                  "version": "21.18.15"
                },
                {
                  "status": "affected",
                  "version": "21.15.51"
                },
                {
                  "status": "affected",
                  "version": "21.14.23"
                },
                {
                  "status": "affected",
                  "version": "21.19.10"
                },
                {
                  "status": "affected",
                  "version": "21.20.k6"
                },
                {
                  "status": "affected",
                  "version": "21.11.18"
                },
                {
                  "status": "affected",
                  "version": "21.19.n6"
                },
                {
                  "status": "affected",
                  "version": "21.16.8"
                },
                {
                  "status": "affected",
                  "version": "21.15.52"
                },
                {
                  "status": "affected",
                  "version": "21.17.16"
                },
                {
                  "status": "affected",
                  "version": "21.20.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.53"
                },
                {
                  "status": "affected",
                  "version": "21.11.19"
                },
                {
                  "status": "affected",
                  "version": "21.20.k7"
                },
                {
                  "status": "affected",
                  "version": "21.15.54"
                },
                {
                  "status": "affected",
                  "version": "21.20.11"
                },
                {
                  "status": "affected",
                  "version": "21.20.u8"
                },
                {
                  "status": "affected",
                  "version": "21.21.1"
                },
                {
                  "status": "affected",
                  "version": "21.17.17"
                },
                {
                  "status": "affected",
                  "version": "21.15.55"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the ipsecmgr process of Cisco\u0026nbsp;ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\r\nThis vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:35:11.060Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-staros-ipsecmgr-dos-3gkHXwvS",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ipsecmgr-dos-3gkHXwvS"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM\u003c/a\u003e\u003c/p\u003e\u003cp\u003eThis advisory is part of the October 2021 release of the Cisco\u0026nbsp;ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see \u003ca href=\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773\"\u003eCisco\u0026nbsp;Event Response: October 2021 Cisco\u0026nbsp;ASA, FMC, and FTD Software Security Advisory Bundled Publication",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrbgp-rpki-dos-gvmjqxbk\u003c/a\u003e\u003c/p\u003e\u003cp\u003eThis advisory is part of the September 2021 release of the Cisco\u0026nbsp;IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see \u003ca href=\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74637\"\u003eCisco\u0026nbsp;Event Response: September 2021 Cisco\u0026nbsp;IOS XR Software Security Advisory Bundled Publication",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrbgp-rpki-dos-gvmjqxbk"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-ipsecmgr-dos-3gkHXwvS",
            "defects": [
              "CSCvv74352"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Software (StarOS)  ipsecmgr Process Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1424",
        "datePublished": "2024-11-18T15:35:11.060Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-18T16:18:16.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20046 (GCVE-0-2023-20046)

    Vulnerability from nvd – Published: 2023-05-09 13:06 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user. There are workarounds that address this vulnerability.
    CWE
    • CWE-289 - Authentication Bypass by Alternate Name
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: 21.11.0
    Affected: 21.11.1
    Affected: 21.11.2
    Affected: 21.11.3
    Affected: 21.11.10
    Affected: 21.11.11
    Affected: 21.11.12
    Affected: 21.11.13
    Affected: 21.11.14
    Affected: 21.11.4
    Affected: 21.11.5
    Affected: 21.11.6
    Affected: 21.11.7
    Affected: 21.11.8
    Affected: 21.11.9
    Affected: 21.11.15
    Affected: 21.11.16
    Affected: 21.11.17
    Affected: 21.11.18
    Affected: 21.11.19
    Affected: 21.11.20
    Affected: 21.11.21
    Affected: 21.12.0
    Affected: 21.12.1
    Affected: 21.12.2
    Affected: 21.12.3
    Affected: 21.12.4
    Affected: 21.12.5
    Affected: 21.12.6
    Affected: 21.12.10
    Affected: 21.12.11
    Affected: 21.12.12
    Affected: 21.12.13
    Affected: 21.12.14
    Affected: 21.12.16
    Affected: 21.12.17
    Affected: 21.12.18
    Affected: 21.12.7
    Affected: 21.12.8
    Affected: 21.12.9
    Affected: 21.12.19
    Affected: 21.12.20
    Affected: 21.12.21
    Affected: 21.12.22
    Affected: 21.12.15
    Affected: 21.13.0
    Affected: 21.13.1
    Affected: 21.13.2
    Affected: 21.13.3
    Affected: 21.13.4
    Affected: 21.13.10
    Affected: 21.13.11
    Affected: 21.13.12
    Affected: 21.13.13
    Affected: 21.13.14
    Affected: 21.13.15
    Affected: 21.13.16
    Affected: 21.13.17
    Affected: 21.13.18
    Affected: 21.13.19
    Affected: 21.13.20
    Affected: 21.13.5
    Affected: 21.13.6
    Affected: 21.13.7
    Affected: 21.13.8
    Affected: 21.13.9
    Affected: 21.13.21
    Affected: 21.14.0
    Affected: 21.14.1
    Affected: 21.14.10
    Affected: 21.14.11
    Affected: 21.14.12
    Affected: 21.14.16
    Affected: 21.14.17
    Affected: 21.14.19
    Affected: 21.14.2
    Affected: 21.14.20
    Affected: 21.14.3
    Affected: 21.14.4
    Affected: 21.14.5
    Affected: 21.14.6
    Affected: 21.14.7
    Affected: 21.14.8
    Affected: 21.14.9
    Affected: 21.14.b12
    Affected: 21.14.b13
    Affected: 21.14.b14
    Affected: 21.14.b15
    Affected: 21.14.b17
    Affected: 21.14.b18
    Affected: 21.14.b19
    Affected: 21.14.b20
    Affected: 21.14.b21
    Affected: 21.14.22
    Affected: 21.14.b22
    Affected: 21.14.23
    Affected: 21.15.0
    Affected: 21.15.1
    Affected: 21.15.10
    Affected: 21.15.11
    Affected: 21.15.12
    Affected: 21.15.13
    Affected: 21.15.14
    Affected: 21.15.15
    Affected: 21.15.16
    Affected: 21.15.17
    Affected: 21.15.18
    Affected: 21.15.19
    Affected: 21.15.2
    Affected: 21.15.20
    Affected: 21.15.21
    Affected: 21.15.22
    Affected: 21.15.24
    Affected: 21.15.25
    Affected: 21.15.26
    Affected: 21.15.27
    Affected: 21.15.28
    Affected: 21.15.29
    Affected: 21.15.3
    Affected: 21.15.30
    Affected: 21.15.32
    Affected: 21.15.33
    Affected: 21.15.36
    Affected: 21.15.37
    Affected: 21.15.39
    Affected: 21.15.4
    Affected: 21.15.40
    Affected: 21.15.41
    Affected: 21.15.5
    Affected: 21.15.6
    Affected: 21.15.7
    Affected: 21.15.8
    Affected: 21.15.43
    Affected: 21.15.45
    Affected: 21.15.46
    Affected: 21.15.47
    Affected: 21.15.48
    Affected: 21.15.51
    Affected: 21.15.52
    Affected: 21.15.53
    Affected: 21.15.54
    Affected: 21.15.55
    Affected: 21.15.57
    Affected: 21.15.58
    Affected: 21.15.59
    Affected: 21.15.60
    Affected: 21.16.2
    Affected: 21.16.3
    Affected: 21.16.4
    Affected: 21.16.5
    Affected: 21.16.c10
    Affected: 21.16.c11
    Affected: 21.16.c12
    Affected: 21.16.c13
    Affected: 21.16.c9
    Affected: 21.16.d0
    Affected: 21.16.d1
    Affected: 21.16.6
    Affected: 21.16.c14
    Affected: 21.16.7
    Affected: 21.16.c15
    Affected: 21.16.8
    Affected: 21.16.c16
    Affected: 21.16.10
    Affected: 21.16.9
    Affected: 21.16.c17
    Affected: 21.16.c18
    Affected: 21.16.c19
    Affected: 21.17.0
    Affected: 21.17.1
    Affected: 21.17.2
    Affected: 21.17.3
    Affected: 21.17.4
    Affected: 21.17.5
    Affected: 21.17.6
    Affected: 21.17.7
    Affected: 21.17.8
    Affected: 21.17.10
    Affected: 21.17.11
    Affected: 21.17.9
    Affected: 21.17.12
    Affected: 21.17.13
    Affected: 21.17.14
    Affected: 21.17.15
    Affected: 21.17.16
    Affected: 21.17.17
    Affected: 21.17.18
    Affected: 21.17.19
    Affected: 21.18.0
    Affected: 21.18.1
    Affected: 21.18.2
    Affected: 21.18.3
    Affected: 21.18.4
    Affected: 21.18.5
    Affected: 21.18.11
    Affected: 21.18.6
    Affected: 21.18.7
    Affected: 21.18.8
    Affected: 21.18.9
    Affected: 21.18.12
    Affected: 21.18.13
    Affected: 21.18.14
    Affected: 21.18.15
    Affected: 21.18.16
    Affected: 21.18.17
    Affected: 21.18.18
    Affected: 21.18.19
    Affected: 21.18.20
    Affected: 21.18.21
    Affected: 21.18.22
    Affected: 21.18.23
    Affected: 21.18.24
    Affected: 21.18.25
    Affected: 21.18.26
    Affected: 21.19.0
    Affected: 21.19.1
    Affected: 21.19.2
    Affected: 21.19.3
    Affected: 21.19.n2
    Affected: 21.19.4
    Affected: 21.19.5
    Affected: 21.19.n3
    Affected: 21.19.n4
    Affected: 21.19.6
    Affected: 21.19.7
    Affected: 21.19.8
    Affected: 21.19.n5
    Affected: 21.19.10
    Affected: 21.19.9
    Affected: 21.19.n6
    Affected: 21.19.n7
    Affected: 21.19.n8
    Affected: 21.19.11
    Affected: 21.19.n10
    Affected: 21.19.n11
    Affected: 21.19.n12
    Affected: 21.19.n13
    Affected: 21.19.n14
    Affected: 21.19.n15
    Affected: 21.19.n16
    Affected: 21.19.n9
    Affected: 21.19.n17
    Affected: 21.19.n18
    Affected: 21.20.0
    Affected: 21.20.1
    Affected: 21.20.SV1
    Affected: 21.20.SV3
    Affected: 21.20.SV5
    Affected: 21.20.2
    Affected: 21.20.3
    Affected: 21.20.4
    Affected: 21.20.5
    Affected: 21.20.6
    Affected: 21.20.7
    Affected: 21.20.8
    Affected: 21.20.9
    Affected: 21.20.k6
    Affected: 21.20.10
    Affected: 21.20.11
    Affected: 21.20.k7
    Affected: 21.20.u8
    Affected: 21.20.12
    Affected: 21.20.13
    Affected: 21.20.14
    Affected: 21.20.k8
    Affected: 21.20.p9
    Affected: 21.20.15
    Affected: 21.20.16
    Affected: 21.20.17
    Affected: 21.20.18
    Affected: 21.20.19
    Affected: 21.20.20
    Affected: 21.20.21
    Affected: 21.20.22
    Affected: 21.20.23
    Affected: 21.20.24
    Affected: 21.20.25
    Affected: 21.20.26
    Affected: 21.20.28
    Affected: 21.20.29
    Affected: 21.20.30
    Affected: 21.20.c22
    Affected: 21.20.31
    Affected: 21.20.32
    Affected: 21.20.33
    Affected: 21.20.34
    Affected: 21.20.35
    Affected: 21.20.27
    Affected: 21.20.SV2
    Affected: 21.21.0
    Affected: 21.21.1
    Affected: 21.21.2
    Affected: 21.21.3
    Affected: 21.21.KS2
    Affected: 21.22.0
    Affected: 21.22.n2
    Affected: 21.22.n3
    Affected: 21.22.3
    Affected: 21.22.4
    Affected: 21.22.5
    Affected: 21.22.uj3
    Affected: 21.22.11
    Affected: 21.22.6
    Affected: 21.22.7
    Affected: 21.22.8
    Affected: 21.22.n4
    Affected: 21.22.n5
    Affected: 21.22.ua0
    Affected: 21.22.ua2
    Affected: 21.22.ua3
    Affected: 21.22.ua5
    Affected: 21.22.12
    Affected: 21.22.13
    Affected: 21.22.n10
    Affected: 21.22.n11
    Affected: 21.22.n12
    Affected: 21.22.n6
    Affected: 21.22.n7
    Affected: 21.22.n8
    Affected: 21.22.n9
    Affected: 21.22.n13
    Affected: 21.23.0
    Affected: 21.23.1
    Affected: 21.23.10
    Affected: 21.23.11
    Affected: 21.23.12
    Affected: 21.23.13
    Affected: 21.23.14
    Affected: 21.23.15
    Affected: 21.23.16
    Affected: 21.23.17
    Affected: 21.23.2
    Affected: 21.23.3
    Affected: 21.23.4
    Affected: 21.23.5
    Affected: 21.23.6
    Affected: 21.23.7
    Affected: 21.23.8
    Affected: 21.23.9
    Affected: 21.23.b2
    Affected: 21.23.b3
    Affected: 21.23.c16
    Affected: 21.23.c17
    Affected: 21.23.n6
    Affected: 21.23.n7
    Affected: 21.23.n9
    Affected: 21.23.18
    Affected: 21.23.19
    Affected: 21.23.21
    Affected: 21.23.22
    Affected: 21.23.23
    Affected: 21.23.24
    Affected: 21.23.25
    Affected: 21.23.26
    Affected: 21.23.27
    Affected: 21.23.29
    Affected: 21.23.30
    Affected: 21.23.c18
    Affected: 21.23.n10
    Affected: 21.23.n11
    Affected: 21.23.n8
    Affected: 21.23.yn14
    Affected: 21.24.0
    Affected: 21.24.1
    Affected: 21.24.2
    Affected: 21.24.3
    Affected: 21.25.0
    Affected: 21.25.3
    Affected: 21.25.4
    Affected: 21.25.5
    Affected: 21.25.10
    Affected: 21.25.11
    Affected: 21.25.12
    Affected: 21.25.13
    Affected: 21.25.14
    Affected: 21.25.6
    Affected: 21.25.7
    Affected: 21.25.8
    Affected: 21.25.9
    Affected: 21.26.0
    Affected: 21.26.1
    Affected: 21.26.10
    Affected: 21.26.13
    Affected: 21.26.14
    Affected: 21.26.15
    Affected: 21.26.3
    Affected: 21.26.5
    Affected: 21.26.6
    Affected: 21.26.7
    Affected: 21.26.17
    Affected: 21.27.0
    Affected: 21.27.1
    Affected: 21.27.2
    Affected: 21.27.3
    Affected: 21.27.4
    Affected: 21.27.5
    Affected: 21.27.m0
    Affected: 21.28.0
    Affected: 21.28.1
    Affected: 21.28.2
    Affected: 21.28.m0
    Affected: 21.28.m1
    Affected: 21.28.m2
    Affected: 21.28.m3
    Create a notification for this product.
    Cisco Cisco Ultra Cloud Core - User Plane Function Affected: N/A
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.11.0"
                },
                {
                  "status": "affected",
                  "version": "21.11.1"
                },
                {
                  "status": "affected",
                  "version": "21.11.2"
                },
                {
                  "status": "affected",
                  "version": "21.11.3"
                },
                {
                  "status": "affected",
                  "version": "21.11.10"
                },
                {
                  "status": "affected",
                  "version": "21.11.11"
                },
                {
                  "status": "affected",
                  "version": "21.11.12"
                },
                {
                  "status": "affected",
                  "version": "21.11.13"
                },
                {
                  "status": "affected",
                  "version": "21.11.14"
                },
                {
                  "status": "affected",
                  "version": "21.11.4"
                },
                {
                  "status": "affected",
                  "version": "21.11.5"
                },
                {
                  "status": "affected",
                  "version": "21.11.6"
                },
                {
                  "status": "affected",
                  "version": "21.11.7"
                },
                {
                  "status": "affected",
                  "version": "21.11.8"
                },
                {
                  "status": "affected",
                  "version": "21.11.9"
                },
                {
                  "status": "affected",
                  "version": "21.11.15"
                },
                {
                  "status": "affected",
                  "version": "21.11.16"
                },
                {
                  "status": "affected",
                  "version": "21.11.17"
                },
                {
                  "status": "affected",
                  "version": "21.11.18"
                },
                {
                  "status": "affected",
                  "version": "21.11.19"
                },
                {
                  "status": "affected",
                  "version": "21.11.20"
                },
                {
                  "status": "affected",
                  "version": "21.11.21"
                },
                {
                  "status": "affected",
                  "version": "21.12.0"
                },
                {
                  "status": "affected",
                  "version": "21.12.1"
                },
                {
                  "status": "affected",
                  "version": "21.12.2"
                },
                {
                  "status": "affected",
                  "version": "21.12.3"
                },
                {
                  "status": "affected",
                  "version": "21.12.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.5"
                },
                {
                  "status": "affected",
                  "version": "21.12.6"
                },
                {
                  "status": "affected",
                  "version": "21.12.10"
                },
                {
                  "status": "affected",
                  "version": "21.12.11"
                },
                {
                  "status": "affected",
                  "version": "21.12.12"
                },
                {
                  "status": "affected",
                  "version": "21.12.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.14"
                },
                {
                  "status": "affected",
                  "version": "21.12.16"
                },
                {
                  "status": "affected",
                  "version": "21.12.17"
                },
                {
                  "status": "affected",
                  "version": "21.12.18"
                },
                {
                  "status": "affected",
                  "version": "21.12.7"
                },
                {
                  "status": "affected",
                  "version": "21.12.8"
                },
                {
                  "status": "affected",
                  "version": "21.12.9"
                },
                {
                  "status": "affected",
                  "version": "21.12.19"
                },
                {
                  "status": "affected",
                  "version": "21.12.20"
                },
                {
                  "status": "affected",
                  "version": "21.12.21"
                },
                {
                  "status": "affected",
                  "version": "21.12.22"
                },
                {
                  "status": "affected",
                  "version": "21.12.15"
                },
                {
                  "status": "affected",
                  "version": "21.13.0"
                },
                {
                  "status": "affected",
                  "version": "21.13.1"
                },
                {
                  "status": "affected",
                  "version": "21.13.2"
                },
                {
                  "status": "affected",
                  "version": "21.13.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.4"
                },
                {
                  "status": "affected",
                  "version": "21.13.10"
                },
                {
                  "status": "affected",
                  "version": "21.13.11"
                },
                {
                  "status": "affected",
                  "version": "21.13.12"
                },
                {
                  "status": "affected",
                  "version": "21.13.13"
                },
                {
                  "status": "affected",
                  "version": "21.13.14"
                },
                {
                  "status": "affected",
                  "version": "21.13.15"
                },
                {
                  "status": "affected",
                  "version": "21.13.16"
                },
                {
                  "status": "affected",
                  "version": "21.13.17"
                },
                {
                  "status": "affected",
                  "version": "21.13.18"
                },
                {
                  "status": "affected",
                  "version": "21.13.19"
                },
                {
                  "status": "affected",
                  "version": "21.13.20"
                },
                {
                  "status": "affected",
                  "version": "21.13.5"
                },
                {
                  "status": "affected",
                  "version": "21.13.6"
                },
                {
                  "status": "affected",
                  "version": "21.13.7"
                },
                {
                  "status": "affected",
                  "version": "21.13.8"
                },
                {
                  "status": "affected",
                  "version": "21.13.9"
                },
                {
                  "status": "affected",
                  "version": "21.13.21"
                },
                {
                  "status": "affected",
                  "version": "21.14.0"
                },
                {
                  "status": "affected",
                  "version": "21.14.1"
                },
                {
                  "status": "affected",
                  "version": "21.14.10"
                },
                {
                  "status": "affected",
                  "version": "21.14.11"
                },
                {
                  "status": "affected",
                  "version": "21.14.12"
                },
                {
                  "status": "affected",
                  "version": "21.14.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.17"
                },
                {
                  "status": "affected",
                  "version": "21.14.19"
                },
                {
                  "status": "affected",
                  "version": "21.14.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.20"
                },
                {
                  "status": "affected",
                  "version": "21.14.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.4"
                },
                {
                  "status": "affected",
                  "version": "21.14.5"
                },
                {
                  "status": "affected",
                  "version": "21.14.6"
                },
                {
                  "status": "affected",
                  "version": "21.14.7"
                },
                {
                  "status": "affected",
                  "version": "21.14.8"
                },
                {
                  "status": "affected",
                  "version": "21.14.9"
                },
                {
                  "status": "affected",
                  "version": "21.14.b12"
                },
                {
                  "status": "affected",
                  "version": "21.14.b13"
                },
                {
                  "status": "affected",
                  "version": "21.14.b14"
                },
                {
                  "status": "affected",
                  "version": "21.14.b15"
                },
                {
                  "status": "affected",
                  "version": "21.14.b17"
                },
                {
                  "status": "affected",
                  "version": "21.14.b18"
                },
                {
                  "status": "affected",
                  "version": "21.14.b19"
                },
                {
                  "status": "affected",
                  "version": "21.14.b20"
                },
                {
                  "status": "affected",
                  "version": "21.14.b21"
                },
                {
                  "status": "affected",
                  "version": "21.14.22"
                },
                {
                  "status": "affected",
                  "version": "21.14.b22"
                },
                {
                  "status": "affected",
                  "version": "21.14.23"
                },
                {
                  "status": "affected",
                  "version": "21.15.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.1"
                },
                {
                  "status": "affected",
                  "version": "21.15.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.11"
                },
                {
                  "status": "affected",
                  "version": "21.15.12"
                },
                {
                  "status": "affected",
                  "version": "21.15.13"
                },
                {
                  "status": "affected",
                  "version": "21.15.14"
                },
                {
                  "status": "affected",
                  "version": "21.15.15"
                },
                {
                  "status": "affected",
                  "version": "21.15.16"
                },
                {
                  "status": "affected",
                  "version": "21.15.17"
                },
                {
                  "status": "affected",
                  "version": "21.15.18"
                },
                {
                  "status": "affected",
                  "version": "21.15.19"
                },
                {
                  "status": "affected",
                  "version": "21.15.2"
                },
                {
                  "status": "affected",
                  "version": "21.15.20"
                },
                {
                  "status": "affected",
                  "version": "21.15.21"
                },
                {
                  "status": "affected",
                  "version": "21.15.22"
                },
                {
                  "status": "affected",
                  "version": "21.15.24"
                },
                {
                  "status": "affected",
                  "version": "21.15.25"
                },
                {
                  "status": "affected",
                  "version": "21.15.26"
                },
                {
                  "status": "affected",
                  "version": "21.15.27"
                },
                {
                  "status": "affected",
                  "version": "21.15.28"
                },
                {
                  "status": "affected",
                  "version": "21.15.29"
                },
                {
                  "status": "affected",
                  "version": "21.15.3"
                },
                {
                  "status": "affected",
                  "version": "21.15.30"
                },
                {
                  "status": "affected",
                  "version": "21.15.32"
                },
                {
                  "status": "affected",
                  "version": "21.15.33"
                },
                {
                  "status": "affected",
                  "version": "21.15.36"
                },
                {
                  "status": "affected",
                  "version": "21.15.37"
                },
                {
                  "status": "affected",
                  "version": "21.15.39"
                },
                {
                  "status": "affected",
                  "version": "21.15.4"
                },
                {
                  "status": "affected",
                  "version": "21.15.40"
                },
                {
                  "status": "affected",
                  "version": "21.15.41"
                },
                {
                  "status": "affected",
                  "version": "21.15.5"
                },
                {
                  "status": "affected",
                  "version": "21.15.6"
                },
                {
                  "status": "affected",
                  "version": "21.15.7"
                },
                {
                  "status": "affected",
                  "version": "21.15.8"
                },
                {
                  "status": "affected",
                  "version": "21.15.43"
                },
                {
                  "status": "affected",
                  "version": "21.15.45"
                },
                {
                  "status": "affected",
                  "version": "21.15.46"
                },
                {
                  "status": "affected",
                  "version": "21.15.47"
                },
                {
                  "status": "affected",
                  "version": "21.15.48"
                },
                {
                  "status": "affected",
                  "version": "21.15.51"
                },
                {
                  "status": "affected",
                  "version": "21.15.52"
                },
                {
                  "status": "affected",
                  "version": "21.15.53"
                },
                {
                  "status": "affected",
                  "version": "21.15.54"
                },
                {
                  "status": "affected",
                  "version": "21.15.55"
                },
                {
                  "status": "affected",
                  "version": "21.15.57"
                },
                {
                  "status": "affected",
                  "version": "21.15.58"
                },
                {
                  "status": "affected",
                  "version": "21.15.59"
                },
                {
                  "status": "affected",
                  "version": "21.15.60"
                },
                {
                  "status": "affected",
                  "version": "21.16.2"
                },
                {
                  "status": "affected",
                  "version": "21.16.3"
                },
                {
                  "status": "affected",
                  "version": "21.16.4"
                },
                {
                  "status": "affected",
                  "version": "21.16.5"
                },
                {
                  "status": "affected",
                  "version": "21.16.c10"
                },
                {
                  "status": "affected",
                  "version": "21.16.c11"
                },
                {
                  "status": "affected",
                  "version": "21.16.c12"
                },
                {
                  "status": "affected",
                  "version": "21.16.c13"
                },
                {
                  "status": "affected",
                  "version": "21.16.c9"
                },
                {
                  "status": "affected",
                  "version": "21.16.d0"
                },
                {
                  "status": "affected",
                  "version": "21.16.d1"
                },
                {
                  "status": "affected",
                  "version": "21.16.6"
                },
                {
                  "status": "affected",
                  "version": "21.16.c14"
                },
                {
                  "status": "affected",
                  "version": "21.16.7"
                },
                {
                  "status": "affected",
                  "version": "21.16.c15"
                },
                {
                  "status": "affected",
                  "version": "21.16.8"
                },
                {
                  "status": "affected",
                  "version": "21.16.c16"
                },
                {
                  "status": "affected",
                  "version": "21.16.10"
                },
                {
                  "status": "affected",
                  "version": "21.16.9"
                },
                {
                  "status": "affected",
                  "version": "21.16.c17"
                },
                {
                  "status": "affected",
                  "version": "21.16.c18"
                },
                {
                  "status": "affected",
                  "version": "21.16.c19"
                },
                {
                  "status": "affected",
                  "version": "21.17.0"
                },
                {
                  "status": "affected",
                  "version": "21.17.1"
                },
                {
                  "status": "affected",
                  "version": "21.17.2"
                },
                {
                  "status": "affected",
                  "version": "21.17.3"
                },
                {
                  "status": "affected",
                  "version": "21.17.4"
                },
                {
                  "status": "affected",
                  "version": "21.17.5"
                },
                {
                  "status": "affected",
                  "version": "21.17.6"
                },
                {
                  "status": "affected",
                  "version": "21.17.7"
                },
                {
                  "status": "affected",
                  "version": "21.17.8"
                },
                {
                  "status": "affected",
                  "version": "21.17.10"
                },
                {
                  "status": "affected",
                  "version": "21.17.11"
                },
                {
                  "status": "affected",
                  "version": "21.17.9"
                },
                {
                  "status": "affected",
                  "version": "21.17.12"
                },
                {
                  "status": "affected",
                  "version": "21.17.13"
                },
                {
                  "status": "affected",
                  "version": "21.17.14"
                },
                {
                  "status": "affected",
                  "version": "21.17.15"
                },
                {
                  "status": "affected",
                  "version": "21.17.16"
                },
                {
                  "status": "affected",
                  "version": "21.17.17"
                },
                {
                  "status": "affected",
                  "version": "21.17.18"
                },
                {
                  "status": "affected",
                  "version": "21.17.19"
                },
                {
                  "status": "affected",
                  "version": "21.18.0"
                },
                {
                  "status": "affected",
                  "version": "21.18.1"
                },
                {
                  "status": "affected",
                  "version": "21.18.2"
                },
                {
                  "status": "affected",
                  "version": "21.18.3"
                },
                {
                  "status": "affected",
                  "version": "21.18.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.5"
                },
                {
                  "status": "affected",
                  "version": "21.18.11"
                },
                {
                  "status": "affected",
                  "version": "21.18.6"
                },
                {
                  "status": "affected",
                  "version": "21.18.7"
                },
                {
                  "status": "affected",
                  "version": "21.18.8"
                },
                {
                  "status": "affected",
                  "version": "21.18.9"
                },
                {
                  "status": "affected",
                  "version": "21.18.12"
                },
                {
                  "status": "affected",
                  "version": "21.18.13"
                },
                {
                  "status": "affected",
                  "version": "21.18.14"
                },
                {
                  "status": "affected",
                  "version": "21.18.15"
                },
                {
                  "status": "affected",
                  "version": "21.18.16"
                },
                {
                  "status": "affected",
                  "version": "21.18.17"
                },
                {
                  "status": "affected",
                  "version": "21.18.18"
                },
                {
                  "status": "affected",
                  "version": "21.18.19"
                },
                {
                  "status": "affected",
                  "version": "21.18.20"
                },
                {
                  "status": "affected",
                  "version": "21.18.21"
                },
                {
                  "status": "affected",
                  "version": "21.18.22"
                },
                {
                  "status": "affected",
                  "version": "21.18.23"
                },
                {
                  "status": "affected",
                  "version": "21.18.24"
                },
                {
                  "status": "affected",
                  "version": "21.18.25"
                },
                {
                  "status": "affected",
                  "version": "21.18.26"
                },
                {
                  "status": "affected",
                  "version": "21.19.0"
                },
                {
                  "status": "affected",
                  "version": "21.19.1"
                },
                {
                  "status": "affected",
                  "version": "21.19.2"
                },
                {
                  "status": "affected",
                  "version": "21.19.3"
                },
                {
                  "status": "affected",
                  "version": "21.19.n2"
                },
                {
                  "status": "affected",
                  "version": "21.19.4"
                },
                {
                  "status": "affected",
                  "version": "21.19.5"
                },
                {
                  "status": "affected",
                  "version": "21.19.n3"
                },
                {
                  "status": "affected",
                  "version": "21.19.n4"
                },
                {
                  "status": "affected",
                  "version": "21.19.6"
                },
                {
                  "status": "affected",
                  "version": "21.19.7"
                },
                {
                  "status": "affected",
                  "version": "21.19.8"
                },
                {
                  "status": "affected",
                  "version": "21.19.n5"
                },
                {
                  "status": "affected",
                  "version": "21.19.10"
                },
                {
                  "status": "affected",
                  "version": "21.19.9"
                },
                {
                  "status": "affected",
                  "version": "21.19.n6"
                },
                {
                  "status": "affected",
                  "version": "21.19.n7"
                },
                {
                  "status": "affected",
                  "version": "21.19.n8"
                },
                {
                  "status": "affected",
                  "version": "21.19.11"
                },
                {
                  "status": "affected",
                  "version": "21.19.n10"
                },
                {
                  "status": "affected",
                  "version": "21.19.n11"
                },
                {
                  "status": "affected",
                  "version": "21.19.n12"
                },
                {
                  "status": "affected",
                  "version": "21.19.n13"
                },
                {
                  "status": "affected",
                  "version": "21.19.n14"
                },
                {
                  "status": "affected",
                  "version": "21.19.n15"
                },
                {
                  "status": "affected",
                  "version": "21.19.n16"
                },
                {
                  "status": "affected",
                  "version": "21.19.n9"
                },
                {
                  "status": "affected",
                  "version": "21.19.n17"
                },
                {
                  "status": "affected",
                  "version": "21.19.n18"
                },
                {
                  "status": "affected",
                  "version": "21.20.0"
                },
                {
                  "status": "affected",
                  "version": "21.20.1"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV1"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV3"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV5"
                },
                {
                  "status": "affected",
                  "version": "21.20.2"
                },
                {
                  "status": "affected",
                  "version": "21.20.3"
                },
                {
                  "status": "affected",
                  "version": "21.20.4"
                },
                {
                  "status": "affected",
                  "version": "21.20.5"
                },
                {
                  "status": "affected",
                  "version": "21.20.6"
                },
                {
                  "status": "affected",
                  "version": "21.20.7"
                },
                {
                  "status": "affected",
                  "version": "21.20.8"
                },
                {
                  "status": "affected",
                  "version": "21.20.9"
                },
                {
                  "status": "affected",
                  "version": "21.20.k6"
                },
                {
                  "status": "affected",
                  "version": "21.20.10"
                },
                {
                  "status": "affected",
                  "version": "21.20.11"
                },
                {
                  "status": "affected",
                  "version": "21.20.k7"
                },
                {
                  "status": "affected",
                  "version": "21.20.u8"
                },
                {
                  "status": "affected",
                  "version": "21.20.12"
                },
                {
                  "status": "affected",
                  "version": "21.20.13"
                },
                {
                  "status": "affected",
                  "version": "21.20.14"
                },
                {
                  "status": "affected",
                  "version": "21.20.k8"
                },
                {
                  "status": "affected",
                  "version": "21.20.p9"
                },
                {
                  "status": "affected",
                  "version": "21.20.15"
                },
                {
                  "status": "affected",
                  "version": "21.20.16"
                },
                {
                  "status": "affected",
                  "version": "21.20.17"
                },
                {
                  "status": "affected",
                  "version": "21.20.18"
                },
                {
                  "status": "affected",
                  "version": "21.20.19"
                },
                {
                  "status": "affected",
                  "version": "21.20.20"
                },
                {
                  "status": "affected",
                  "version": "21.20.21"
                },
                {
                  "status": "affected",
                  "version": "21.20.22"
                },
                {
                  "status": "affected",
                  "version": "21.20.23"
                },
                {
                  "status": "affected",
                  "version": "21.20.24"
                },
                {
                  "status": "affected",
                  "version": "21.20.25"
                },
                {
                  "status": "affected",
                  "version": "21.20.26"
                },
                {
                  "status": "affected",
                  "version": "21.20.28"
                },
                {
                  "status": "affected",
                  "version": "21.20.29"
                },
                {
                  "status": "affected",
                  "version": "21.20.30"
                },
                {
                  "status": "affected",
                  "version": "21.20.c22"
                },
                {
                  "status": "affected",
                  "version": "21.20.31"
                },
                {
                  "status": "affected",
                  "version": "21.20.32"
                },
                {
                  "status": "affected",
                  "version": "21.20.33"
                },
                {
                  "status": "affected",
                  "version": "21.20.34"
                },
                {
                  "status": "affected",
                  "version": "21.20.35"
                },
                {
                  "status": "affected",
                  "version": "21.20.27"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV2"
                },
                {
                  "status": "affected",
                  "version": "21.21.0"
                },
                {
                  "status": "affected",
                  "version": "21.21.1"
                },
                {
                  "status": "affected",
                  "version": "21.21.2"
                },
                {
                  "status": "affected",
                  "version": "21.21.3"
                },
                {
                  "status": "affected",
                  "version": "21.21.KS2"
                },
                {
                  "status": "affected",
                  "version": "21.22.0"
                },
                {
                  "status": "affected",
                  "version": "21.22.n2"
                },
                {
                  "status": "affected",
                  "version": "21.22.n3"
                },
                {
                  "status": "affected",
                  "version": "21.22.3"
                },
                {
                  "status": "affected",
                  "version": "21.22.4"
                },
                {
                  "status": "affected",
                  "version": "21.22.5"
                },
                {
                  "status": "affected",
                  "version": "21.22.uj3"
                },
                {
                  "status": "affected",
                  "version": "21.22.11"
                },
                {
                  "status": "affected",
                  "version": "21.22.6"
                },
                {
                  "status": "affected",
                  "version": "21.22.7"
                },
                {
                  "status": "affected",
                  "version": "21.22.8"
                },
                {
                  "status": "affected",
                  "version": "21.22.n4"
                },
                {
                  "status": "affected",
                  "version": "21.22.n5"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua0"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua2"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua3"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua5"
                },
                {
                  "status": "affected",
                  "version": "21.22.12"
                },
                {
                  "status": "affected",
                  "version": "21.22.13"
                },
                {
                  "status": "affected",
                  "version": "21.22.n10"
                },
                {
                  "status": "affected",
                  "version": "21.22.n11"
                },
                {
                  "status": "affected",
                  "version": "21.22.n12"
                },
                {
                  "status": "affected",
                  "version": "21.22.n6"
                },
                {
                  "status": "affected",
                  "version": "21.22.n7"
                },
                {
                  "status": "affected",
                  "version": "21.22.n8"
                },
                {
                  "status": "affected",
                  "version": "21.22.n9"
                },
                {
                  "status": "affected",
                  "version": "21.22.n13"
                },
                {
                  "status": "affected",
                  "version": "21.23.0"
                },
                {
                  "status": "affected",
                  "version": "21.23.1"
                },
                {
                  "status": "affected",
                  "version": "21.23.10"
                },
                {
                  "status": "affected",
                  "version": "21.23.11"
                },
                {
                  "status": "affected",
                  "version": "21.23.12"
                },
                {
                  "status": "affected",
                  "version": "21.23.13"
                },
                {
                  "status": "affected",
                  "version": "21.23.14"
                },
                {
                  "status": "affected",
                  "version": "21.23.15"
                },
                {
                  "status": "affected",
                  "version": "21.23.16"
                },
                {
                  "status": "affected",
                  "version": "21.23.17"
                },
                {
                  "status": "affected",
                  "version": "21.23.2"
                },
                {
                  "status": "affected",
                  "version": "21.23.3"
                },
                {
                  "status": "affected",
                  "version": "21.23.4"
                },
                {
                  "status": "affected",
                  "version": "21.23.5"
                },
                {
                  "status": "affected",
                  "version": "21.23.6"
                },
                {
                  "status": "affected",
                  "version": "21.23.7"
                },
                {
                  "status": "affected",
                  "version": "21.23.8"
                },
                {
                  "status": "affected",
                  "version": "21.23.9"
                },
                {
                  "status": "affected",
                  "version": "21.23.b2"
                },
                {
                  "status": "affected",
                  "version": "21.23.b3"
                },
                {
                  "status": "affected",
                  "version": "21.23.c16"
                },
                {
                  "status": "affected",
                  "version": "21.23.c17"
                },
                {
                  "status": "affected",
                  "version": "21.23.n6"
                },
                {
                  "status": "affected",
                  "version": "21.23.n7"
                },
                {
                  "status": "affected",
                  "version": "21.23.n9"
                },
                {
                  "status": "affected",
                  "version": "21.23.18"
                },
                {
                  "status": "affected",
                  "version": "21.23.19"
                },
                {
                  "status": "affected",
                  "version": "21.23.21"
                },
                {
                  "status": "affected",
                  "version": "21.23.22"
                },
                {
                  "status": "affected",
                  "version": "21.23.23"
                },
                {
                  "status": "affected",
                  "version": "21.23.24"
                },
                {
                  "status": "affected",
                  "version": "21.23.25"
                },
                {
                  "status": "affected",
                  "version": "21.23.26"
                },
                {
                  "status": "affected",
                  "version": "21.23.27"
                },
                {
                  "status": "affected",
                  "version": "21.23.29"
                },
                {
                  "status": "affected",
                  "version": "21.23.30"
                },
                {
                  "status": "affected",
                  "version": "21.23.c18"
                },
                {
                  "status": "affected",
                  "version": "21.23.n10"
                },
                {
                  "status": "affected",
                  "version": "21.23.n11"
                },
                {
                  "status": "affected",
                  "version": "21.23.n8"
                },
                {
                  "status": "affected",
                  "version": "21.23.yn14"
                },
                {
                  "status": "affected",
                  "version": "21.24.0"
                },
                {
                  "status": "affected",
                  "version": "21.24.1"
                },
                {
                  "status": "affected",
                  "version": "21.24.2"
                },
                {
                  "status": "affected",
                  "version": "21.24.3"
                },
                {
                  "status": "affected",
                  "version": "21.25.0"
                },
                {
                  "status": "affected",
                  "version": "21.25.3"
                },
                {
                  "status": "affected",
                  "version": "21.25.4"
                },
                {
                  "status": "affected",
                  "version": "21.25.5"
                },
                {
                  "status": "affected",
                  "version": "21.25.10"
                },
                {
                  "status": "affected",
                  "version": "21.25.11"
                },
                {
                  "status": "affected",
                  "version": "21.25.12"
                },
                {
                  "status": "affected",
                  "version": "21.25.13"
                },
                {
                  "status": "affected",
                  "version": "21.25.14"
                },
                {
                  "status": "affected",
                  "version": "21.25.6"
                },
                {
                  "status": "affected",
                  "version": "21.25.7"
                },
                {
                  "status": "affected",
                  "version": "21.25.8"
                },
                {
                  "status": "affected",
                  "version": "21.25.9"
                },
                {
                  "status": "affected",
                  "version": "21.26.0"
                },
                {
                  "status": "affected",
                  "version": "21.26.1"
                },
                {
                  "status": "affected",
                  "version": "21.26.10"
                },
                {
                  "status": "affected",
                  "version": "21.26.13"
                },
                {
                  "status": "affected",
                  "version": "21.26.14"
                },
                {
                  "status": "affected",
                  "version": "21.26.15"
                },
                {
                  "status": "affected",
                  "version": "21.26.3"
                },
                {
                  "status": "affected",
                  "version": "21.26.5"
                },
                {
                  "status": "affected",
                  "version": "21.26.6"
                },
                {
                  "status": "affected",
                  "version": "21.26.7"
                },
                {
                  "status": "affected",
                  "version": "21.26.17"
                },
                {
                  "status": "affected",
                  "version": "21.27.0"
                },
                {
                  "status": "affected",
                  "version": "21.27.1"
                },
                {
                  "status": "affected",
                  "version": "21.27.2"
                },
                {
                  "status": "affected",
                  "version": "21.27.3"
                },
                {
                  "status": "affected",
                  "version": "21.27.4"
                },
                {
                  "status": "affected",
                  "version": "21.27.5"
                },
                {
                  "status": "affected",
                  "version": "21.27.m0"
                },
                {
                  "status": "affected",
                  "version": "21.28.0"
                },
                {
                  "status": "affected",
                  "version": "21.28.1"
                },
                {
                  "status": "affected",
                  "version": "21.28.2"
                },
                {
                  "status": "affected",
                  "version": "21.28.m0"
                },
                {
                  "status": "affected",
                  "version": "21.28.m1"
                },
                {
                  "status": "affected",
                  "version": "21.28.m2"
                },
                {
                  "status": "affected",
                  "version": "21.28.m3"
                }
              ]
            },
            {
              "product": "Cisco Ultra Cloud Core - User Plane Function",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.\r\n\r   There are workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-289",
                  "description": "Authentication Bypass by Alternate Name",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:38.039Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
            "defects": [
              "CSCwd89468"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20046",
        "datePublished": "2023-05-09T13:06:10.748Z",
        "dateReserved": "2022-10-27T18:47:50.317Z",
        "dateUpdated": "2024-08-02T08:57:35.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20051 (GCVE-0-2023-20051)

    Vulnerability from nvd – Published: 2023-04-05 00:00 – Updated: 2024-10-28 16:31
    VLAI
    Title
    Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability
    Summary
    A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2023-04-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.844Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20230405 Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20051",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-28T16:24:30.430738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-28T16:31:14.018Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2023-04-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS)."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-05T00:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20230405 Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cisco-pdng-dos-KmzwEy2Q",
            "defect": [
              [
                "CSCwb32089"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20051",
        "datePublished": "2023-04-05T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-10-28T16:31:14.018Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20665 (GCVE-0-2022-20665)

    Vulnerability from nvd – Published: 2022-04-06 18:13 – Updated: 2024-11-06 16:28
    VLAI
    Title
    Cisco StarOS Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2022-03-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:17:52.953Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20220303 Cisco StarOS Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20665",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T16:00:18.481701Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T16:28:29.506Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2022-03-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-06T18:13:40.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20220303 Cisco StarOS Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-cmdinj-759mNT4n",
            "defect": [
              [
                "CSCvz22969"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2022-03-03T00:00:00",
              "ID": "CVE-2022-20665",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.0",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20220303 Cisco StarOS Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-cmdinj-759mNT4n",
              "defect": [
                [
                  "CSCvz22969"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20665",
        "datePublished": "2022-04-06T18:13:41.066Z",
        "dateReserved": "2021-11-02T00:00:00.000Z",
        "dateUpdated": "2024-11-06T16:28:29.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1540 (GCVE-0-2021-1540)

    Vulnerability from nvd – Published: 2021-06-04 16:46 – Updated: 2024-11-07 22:09
    VLAI
    Title
    Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
    Summary
    Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-06-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.717Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:41:42.298517Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T22:09:20.180Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-06-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-04T16:46:02.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
            "defect": [
              [
                "CSCvu85001",
                "CSCvv33622"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-06-02T16:00:00",
              "ID": "CVE-2021-1540",
              "STATE": "PUBLIC",
              "TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.1",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
              "defect": [
                [
                  "CSCvu85001",
                  "CSCvv33622"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1540",
        "datePublished": "2021-06-04T16:46:02.739Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T22:09:20.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1539 (GCVE-0-2021-1539)

    Vulnerability from nvd – Published: 2021-06-04 16:45 – Updated: 2024-11-07 22:09
    VLAI
    Title
    Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
    Summary
    Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-06-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.672Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1539",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:41:43.467282Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T22:09:26.621Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-06-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-04T16:45:58.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
            "defect": [
              [
                "CSCvu85001",
                "CSCvv33622"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-06-02T16:00:00",
              "ID": "CVE-2021-1539",
              "STATE": "PUBLIC",
              "TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.1",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
              "defect": [
                [
                  "CSCvu85001",
                  "CSCvv33622"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1539",
        "datePublished": "2021-06-04T16:45:58.314Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T22:09:26.621Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1378 (GCVE-0-2021-1378)

    Vulnerability from nvd – Published: 2021-02-17 16:55 – Updated: 2024-11-08 23:41
    VLAI
    Title
    Cisco StarOS Denial of Service Vulnerability
    Summary
    A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-02-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.008Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210217 Cisco StarOS Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1378",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:04:08.237238Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T23:41:07.900Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-02-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-17T16:55:22.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210217 Cisco StarOS Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj"
            }
          ],
          "source": {
            "advisory": "cisco-sa-StarOS-DoS-RLLvGFJj",
            "defect": [
              [
                "CSCvu59686"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-02-17T16:00:00",
              "ID": "CVE-2021-1378",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.3",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-400"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210217 Cisco StarOS Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-StarOS-DoS-RLLvGFJj",
              "defect": [
                [
                  "CSCvu59686"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1378",
        "datePublished": "2021-02-17T16:55:22.801Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T23:41:07.900Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1353 (GCVE-0-2021-1353)

    Vulnerability from nvd – Published: 2021-01-20 20:00 – Updated: 2024-11-12 20:21
    VLAI
    Title
    Cisco StarOS IPv4 Denial of Service Vulnerability
    Summary
    A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:16.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:05:17.789835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T20:21:29.530Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-20T20:00:46.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr-mem-leak-dos-MTWGHKk3",
            "defect": [
              [
                "CSCvq83868",
                "CSCvv69023"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS IPv4 Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-01-20T16:00:00",
              "ID": "CVE-2021-1353",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS IPv4 Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.8",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-401"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr-mem-leak-dos-MTWGHKk3",
              "defect": [
                [
                  "CSCvq83868",
                  "CSCvv69023"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1353",
        "datePublished": "2021-01-20T20:00:46.220Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-12T20:21:29.530Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1145 (GCVE-0-2021-1145)

    Vulnerability from nvd – Published: 2021-01-13 21:45 – Updated: 2024-11-12 20:40
    VLAI
    Title
    Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability
    Summary
    A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:02:55.422Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1145",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:53:11.748770Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T20:40:11.365Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-61",
                  "description": "CWE-61",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-13T21:45:36.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-file-read-L3RDvtey",
            "defect": [
              [
                "CSCvv34230"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-01-13T16:00:00",
              "ID": "CVE-2021-1145",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.5",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-61"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-file-read-L3RDvtey",
              "defect": [
                [
                  "CSCvv34230"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1145",
        "datePublished": "2021-01-13T21:45:36.440Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-12T20:40:11.365Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3602 (GCVE-0-2020-3602)

    Vulnerability from nvd – Published: 2020-10-08 04:21 – Updated: 2024-11-13 17:51
    VLAI
    Title
    Cisco StarOS Privilege Escalation Vulnerability
    Summary
    A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3602",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:22:52.999652Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T17:51:28.096Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-08T04:21:09.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-privilege-esc-pyb7YTd",
            "defect": [
              [
                "CSCvv34222"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-10-07T16:00:00",
              "ID": "CVE-2020-3602",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.3",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-privilege-esc-pyb7YTd",
              "defect": [
                [
                  "CSCvv34222"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3602",
        "datePublished": "2020-10-08T04:21:09.915Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T17:51:28.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3601 (GCVE-0-2020-3601)

    Vulnerability from nvd – Published: 2020-10-08 04:21 – Updated: 2024-11-13 17:51
    VLAI
    Title
    Cisco StarOS Privilege Escalation Vulnerability
    Summary
    A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.677Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3601",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:22:54.399305Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T17:51:37.027Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-08T04:21:05.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-priv-esc-gGCUMFxv",
            "defect": [
              [
                "CSCvv34214"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-10-07T16:00:00",
              "ID": "CVE-2020-3601",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "4.4",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-priv-esc-gGCUMFxv",
              "defect": [
                [
                  "CSCvv34214"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3601",
        "datePublished": "2020-10-08T04:21:05.487Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T17:51:37.027Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3500 (GCVE-0-2020-3500)

    Vulnerability from nvd – Published: 2020-08-17 18:00 – Updated: 2024-11-13 18:16
    VLAI
    Title
    Cisco StarOS IPv6 Denial of Service Vulnerability
    Summary
    A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-08-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:54.212Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3500",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:24:57.726835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T18:16:15.224Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-08-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-17T18:00:26.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-ipv6-dos-ce3zhF8m",
            "defect": [
              [
                "CSCvu23797"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS IPv6 Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-08-05T16:00:00",
              "ID": "CVE-2020-3500",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS IPv6 Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.8",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-119"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-ipv6-dos-ce3zhF8m",
              "defect": [
                [
                  "CSCvu23797"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3500",
        "datePublished": "2020-08-17T18:00:26.607Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T18:16:15.224Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3244 (GCVE-0-2020-3244)

    Vulnerability from nvd – Published: 2020-06-18 02:21 – Updated: 2024-11-15 16:59
    VLAI
    Title
    Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability
    Summary
    A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-06-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:30:58.066Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3244",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:21:07.157305Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T16:59:30.320Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-18T02:21:23.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-ecs-bypass-2LqfPCL",
            "defect": [
              [
                "CSCvs83392"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-06-17T16:00:00",
              "ID": "CVE-2020-3244",
              "STATE": "PUBLIC",
              "TITLE": "Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.3",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-ecs-bypass-2LqfPCL",
              "defect": [
                [
                  "CSCvs83392"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3244",
        "datePublished": "2020-06-18T02:21:23.181Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-15T16:59:30.320Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-16026 (GCVE-0-2019-16026)

    Vulnerability from nvd – Published: 2020-01-26 04:45 – Updated: 2024-11-15 17:44
    VLAI
    Title
    Cisco Mobility Management Entity Denial of Service Vulnerability
    Summary
    A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: unspecified , < n/a (custom)
    Create a notification for this product.
    Date Public
    2020-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:03:32.668Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-16026",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:29:46.226838Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:44:37.291Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "n/a",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-26T04:45:20.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20200108-mme-dos",
            "defect": [
              [
                "CSCvs01456"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Mobility Management Entity Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-01-08T16:00:00-0800",
              "ID": "CVE-2019-16026",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Mobility Management Entity Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.8",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20200108-mme-dos",
              "defect": [
                [
                  "CSCvs01456"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-16026",
        "datePublished": "2020-01-26T04:45:20.821Z",
        "dateReserved": "2019-09-06T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:44:37.291Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1869 (GCVE-0-2019-1869)

    Vulnerability from nvd – Published: 2019-06-20 02:55 – Updated: 2024-11-19 19:05
    VLAI
    Title
    Cisco StarOS Denial of Service Vulnerability
    Summary
    A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    http://www.securityfocus.com/bid/108853 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: unspecified , < 21.11.1 (custom)
    Create a notification for this product.
    Date Public
    2019-06-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:28:42.866Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20190619 Cisco StarOS Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos"
              },
              {
                "name": "108853",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/108853"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-1869",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-19T17:24:03.377833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-19T19:05:58.503Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "21.11.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-06-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-824",
                  "description": "CWE-824",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-21T09:06:07.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20190619 Cisco StarOS Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos"
            },
            {
              "name": "108853",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/108853"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20190619-staros-asr-dos",
            "defect": [
              [
                "CSCvn06757"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2019-06-19T16:00:00-0700",
              "ID": "CVE-2019-1869",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "21.11.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.6",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-824"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20190619 Cisco StarOS Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos"
                },
                {
                  "name": "108853",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/108853"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20190619-staros-asr-dos",
              "defect": [
                [
                  "CSCvn06757"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-1869",
        "datePublished": "2019-06-20T02:55:15.750Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-11-19T19:05:58.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1424 (GCVE-0-2021-1424)

    Vulnerability from cvelistv5 – Published: 2024-11-18 15:35 – Updated: 2024-11-18 16:18
    VLAI
    Title
    Cisco ASR 5000 Series Software (StarOS) ipsecmgr Process Denial of Service Vulnerability
    Summary
    A vulnerability in the ipsecmgr process of Cisco&nbsp;ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: 21.15.7
    Affected: 21.13.10
    Affected: 21.14.1
    Affected: 21.11.5
    Affected: 21.13.8
    Affected: 21.14.5
    Affected: 21.12.8
    Affected: 21.13.11
    Affected: 21.11.8
    Affected: 21.12.9
    Affected: 21.15.5
    Affected: 21.11.7
    Affected: 21.13.5
    Affected: 21.12.0
    Affected: 21.15.2
    Affected: 21.11.6
    Affected: 21.14.2
    Affected: 21.12.3
    Affected: 21.15.0
    Affected: 21.11.2
    Affected: 21.13.7
    Affected: 21.12.4
    Affected: 21.12.12
    Affected: 21.13.4
    Affected: 21.12.5
    Affected: 21.14.a0
    Affected: 21.11.9
    Affected: 21.14.0
    Affected: 21.11.4
    Affected: 21.12.7
    Affected: 21.14.3
    Affected: 21.12.2
    Affected: 21.14.10
    Affected: 21.15.4
    Affected: 21.14.6
    Affected: 21.15.3
    Affected: 21.13.13
    Affected: 21.12.11
    Affected: 21.12.10
    Affected: 21.14.9
    Affected: 21.11.1
    Affected: 21.14.7
    Affected: 21.11.3
    Affected: 21.13.3
    Affected: 21.13.2
    Affected: 21.13.14
    Affected: 21.12.1
    Affected: 21.13.6
    Affected: 21.13.12
    Affected: 21.15.8
    Affected: 21.13.1
    Affected: 21.15.1
    Affected: 21.15.6
    Affected: 21.13.9
    Affected: 21.14.4
    Affected: 21.13.0
    Affected: 21.12.6
    Affected: 21.14.8
    Affected: 21.11.0
    Affected: 21.15.15
    Affected: 21.14.11
    Affected: 21.17.2
    Affected: 21.15.13
    Affected: 21.15.12
    Affected: 21.14.b15
    Affected: 21.17.0
    Affected: 21.15.10
    Affected: 21.13.16
    Affected: 21.14.12
    Affected: 21.15.20
    Affected: 21.11.10
    Affected: 21.15.18
    Affected: 21.15.14
    Affected: 21.13.15
    Affected: 21.15.21
    Affected: 21.15.17
    Affected: 21.17.1
    Affected: 21.14.b14
    Affected: 21.12.13
    Affected: 21.12.14
    Affected: 21.15.19
    Affected: 21.15.11
    Affected: 21.15.22
    Affected: 21.17.3
    Affected: 21.14.b13
    Affected: 21.15.16
    Affected: 21.14.b12
    Affected: 21.16.2
    Affected: 21.14.16
    Affected: 21.14.b17
    Affected: 21.15.24
    Affected: 21.16.c9
    Affected: 21.15.25
    Affected: 21.15.26
    Affected: 21.16.d0
    Affected: 21.17.4
    Affected: 21.15.27
    Affected: 21.13.17
    Affected: 21.18.0
    Affected: 21.15.28
    Affected: 21.14.17
    Affected: 21.16.d1
    Affected: 21.18.1
    Affected: 21.16.3
    Affected: 21.14.b18
    Affected: 21.16.c10
    Affected: 21.11.11
    Affected: 21.15.29
    Affected: 21.15.30
    Affected: 21.13.18
    Affected: 21.12.16
    Affected: 21.17.5
    Affected: 21.16.c11
    Affected: 21.15.32
    Affected: 21.13.19
    Affected: 21.15.33
    Affected: 21.11.12
    Affected: 21.19.0
    Affected: 21.18.2
    Affected: 21.14.19
    Affected: 21.19.1
    Affected: 21.17.6
    Affected: 21.11.13
    Affected: 21.12.17
    Affected: 21.15.36
    Affected: 21.18.3
    Affected: 21.14.b19
    Affected: 21.19.2
    Affected: 21.15.37
    Affected: 21.17.7
    Affected: 21.14.20
    Affected: 21.16.c12
    Affected: 21.18.4
    Affected: 21.19.3
    Affected: 21.13.20
    Affected: 21.15.40
    Affected: 21.14.b20
    Affected: 21.16.4
    Affected: 21.18.5
    Affected: 21.14.b21
    Affected: 21.16.c13
    Affected: 21.11.14
    Affected: 21.12.18
    Affected: 21.20.SV1
    Affected: 21.20.0
    Affected: 21.15.41
    Affected: 21.20.SV2
    Affected: 21.17.8
    Affected: 21.20.1
    Affected: 21.20.SV3
    Affected: 21.16.5
    Affected: 21.20.SV5
    Affected: 21.15.43
    Affected: 21.19.4
    Affected: 21.18.6
    Affected: 21.15.45
    Affected: 21.20.2
    Affected: 21.16.c14
    Affected: 21.17.9
    Affected: 21.11.15
    Affected: 21.14.22
    Affected: 21.20.3
    Affected: 21.15.46
    Affected: 21.18.7
    Affected: 21.19.n3
    Affected: 21.15.47
    Affected: 21.15.48
    Affected: 21.19.5
    Affected: 21.17.10
    Affected: 21.18.8
    Affected: 21.16.6
    Affected: 21.12.19
    Affected: 21.13.21
    Affected: 21.20.4
    Affected: 21.18.9
    Affected: 21.19.n4
    Affected: 21.17.11
    Affected: 21.18.11
    Affected: 21.19.6
    Affected: 21.16.c15
    Affected: 21.16.7
    Affected: 21.17.12
    Affected: 21.21.0
    Affected: 21.17.13
    Affected: 21.11.16
    Affected: 21.12.20
    Affected: 21.18.12
    Affected: 21.12.21
    Affected: 21.14.b22
    Affected: 21.19.7
    Affected: 21.20.6
    Affected: 21.18.13
    Affected: 21.19.n5
    Affected: 21.18.14
    Affected: 21.20.7
    Affected: 21.11.17
    Affected: 21.17.14
    Affected: 21.19.8
    Affected: 21.20.8
    Affected: 21.19.9
    Affected: 21.17.15
    Affected: 21.20.9
    Affected: 21.18.15
    Affected: 21.15.51
    Affected: 21.14.23
    Affected: 21.19.10
    Affected: 21.20.k6
    Affected: 21.11.18
    Affected: 21.19.n6
    Affected: 21.16.8
    Affected: 21.15.52
    Affected: 21.17.16
    Affected: 21.20.10
    Affected: 21.15.53
    Affected: 21.11.19
    Affected: 21.20.k7
    Affected: 21.15.54
    Affected: 21.20.11
    Affected: 21.20.u8
    Affected: 21.21.1
    Affected: 21.17.17
    Affected: 21.15.55
    Create a notification for this product.
    cisco asr_5000_series_software Affected: 21.15.7
    Affected: 21.13.10
    Affected: 21.14.1
    Affected: 21.11.5
    Affected: 21.13.8
    Affected: 21.14.5
    Affected: 21.12.8
    Affected: 21.13.11
    Affected: 21.11.8
    Affected: 21.12.9
    Affected: 21.15.5
    Affected: 21.11.7
    Affected: 21.13.5
    Affected: 21.12.0
    Affected: 21.15.2
    Affected: 21.11.6
    Affected: 21.14.2
    Affected: 21.12.3
    Affected: 21.15.0
    Affected: 21.11.2
    Affected: 21.13.7
    Affected: 21.12.4
    Affected: 21.12.12
    Affected: 21.13.4
    Affected: 21.12.5
    Affected: 21.14.a0
    Affected: 21.11.9
    Affected: 21.14.0
    Affected: 21.11.4
    Affected: 21.12.7
    Affected: 21.14.3
    Affected: 21.12.2
    Affected: 21.14.10
    Affected: 21.15.4
    Affected: 21.14.6
    Affected: 21.15.3
    Affected: 21.13.13
    Affected: 21.12.11
    Affected: 21.12.10
    Affected: 21.14.9
    Affected: 21.11.1
    Affected: 21.14.7
    Affected: 21.11.3
    Affected: 21.13.3
    Affected: 21.13.2
    Affected: 21.13.14
    Affected: 21.12.1
    Affected: 21.13.6
    Affected: 21.13.12
    Affected: 21.15.8
    Affected: 21.13.1
    Affected: 21.15.1
    Affected: 21.15.6
    Affected: 21.13.9
    Affected: 21.14.4
    Affected: 21.13.0
    Affected: 21.12.6
    Affected: 21.14.8
    Affected: 21.11.0
    Affected: 21.15.15
    Affected: 21.14.11
    Affected: 21.17.2
    Affected: 21.15.13
    Affected: 21.15.12
    Affected: 21.14.b15
    Affected: 21.17.0
    Affected: 21.15.10
    Affected: 21.13.16
    Affected: 21.14.12
    Affected: 21.15.20
    Affected: 21.11.10
    Affected: 21.15.18
    Affected: 21.15.14
    Affected: 21.13.15
    Affected: 21.15.21
    Affected: 21.15.17
    Affected: 21.17.1
    Affected: 21.14.b14
    Affected: 21.12.13
    Affected: 21.12.14
    Affected: 21.15.19
    Affected: 21.15.11
    Affected: 21.15.22
    Affected: 21.17.3
    Affected: 21.14.b13
    Affected: 21.15.16
    Affected: 21.14.b12
    Affected: 21.16.2
    Affected: 21.14.16
    Affected: 21.14.b17
    Affected: 21.15.24
    Affected: 21.16.c9
    Affected: 21.15.25
    Affected: 21.15.26
    Affected: 21.16.d0
    Affected: 21.17.4
    Affected: 21.15.27
    Affected: 21.13.17
    Affected: 21.18.0
    Affected: 21.15.28
    Affected: 21.14.17
    Affected: 21.16.d1
    Affected: 21.18.1
    Affected: 21.16.3
    Affected: 21.14.b18
    Affected: 21.16.c10
    Affected: 21.11.11
    Affected: 21.15.29
    Affected: 21.15.30
    Affected: 21.13.18
    Affected: 21.12.16
    Affected: 21.17.5
    Affected: 21.16.c11
    Affected: 21.15.32
    Affected: 21.13.19
    Affected: 21.15.33
    Affected: 21.11.12
    Affected: 21.19.0
    Affected: 21.18.2
    Affected: 21.14.19
    Affected: 21.19.1
    Affected: 21.17.6
    Affected: 21.11.13
    Affected: 21.12.17
    Affected: 21.15.36
    Affected: 21.18.3
    Affected: 21.14.b19
    Affected: 21.19.2
    Affected: 21.15.37
    Affected: 21.17.7
    Affected: 21.14.20
    Affected: 21.16.c12
    Affected: 21.18.4
    Affected: 21.19.3
    Affected: 21.13.20
    Affected: 21.15.40
    Affected: 21.14.b20
    Affected: 21.16.4
    Affected: 21.18.5
    Affected: 21.14.b21
    Affected: 21.16.c13
    Affected: 21.11.14
    Affected: 21.12.18
    Affected: 21.20.sv1
    Affected: 21.20.0
    Affected: 21.15.41
    Affected: 21.20.sv2
    Affected: 21.17.8
    Affected: 21.20.1
    Affected: 21.20.sv3
    Affected: 21.16.5
    Affected: 21.20.sv5
    Affected: 21.15.43
    Affected: 21.19.4
    Affected: 21.18.6
    Affected: 21.15.45
    Affected: 21.20.2
    Affected: 21.16.c14
    Affected: 21.17.9
    Affected: 21.11.15
    Affected: 21.14.22
    Affected: 21.20.3
    Affected: 21.15.46
    Affected: 21.18.7
    Affected: 21.19.n3
    Affected: 21.15.47
    Affected: 21.15.48
    Affected: 21.19.5
    Affected: 21.17.10
    Affected: 21.18.8
    Affected: 21.16.6
    Affected: 21.12.19
    Affected: 21.13.21
    Affected: 21.20.4
    Affected: 21.18.9
    Affected: 21.19.n4
    Affected: 21.17.11
    Affected: 21.18.11
    Affected: 21.19.6
    Affected: 21.16.c15
    Affected: 21.16.7
    Affected: 21.17.12
    Affected: 21.21.0
    Affected: 21.17.13
    Affected: 21.11.16
    Affected: 21.12.20
    Affected: 21.18.12
    Affected: 21.12.21
    Affected: 21.14.b22
    Affected: 21.19.7
    Affected: 21.20.6
    Affected: 21.18.13
    Affected: 21.19.n5
    Affected: 21.18.14
    Affected: 21.20.7
    Affected: 21.11.17
    Affected: 21.17.14
    Affected: 21.19.8
    Affected: 21.20.8
    Affected: 21.19.9
    Affected: 21.17.15
    Affected: 21.20.9
    Affected: 21.18.15
    Affected: 21.15.51
    Affected: 21.14.23
    Affected: 21.19.10
    Affected: 21.20.k6
    Affected: 21.11.18
    Affected: 21.19.n6
    Affected: 21.16.8
    Affected: 21.15.52
    Affected: 21.17.16
    Affected: 21.20.10
    Affected: 21.15.53
    Affected: 21.11.19
    Affected: 21.20.k7
    Affected: 21.15.54
    Affected: 21.20.11
    Affected: 21.20.u8
    Affected: 21.21.1
    Affected: 21.17.17
    Affected: 21.15.55
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.a0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.22:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.24:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.25:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.26:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.d0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.27:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.28:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.d1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.29:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.30:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.32:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.33:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.36:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.37:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.40:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.41:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.43:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.45:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.2:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.22:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.46:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n3:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.47:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.48:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.13.21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n4:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.c15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.21.0:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.20:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.12:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.12.21:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.b22:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.13:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n5:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.14:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.9:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.18.15:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.51:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.14.23:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.k6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.18:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.19.n6:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.16.8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.52:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.16:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.10:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.53:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.11.19:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.k7:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.54:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.11:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.20.u8:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.21.1:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.17.17:*:*:*:*:*:*:*
        cpe:2.3:a:cisco:asr_5000_series_software:21.15.55:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.a0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.22:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.24:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.25:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.26:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.d0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.27:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.28:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.d1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.29:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.30:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.32:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.33:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.36:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.37:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.40:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.41:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.sv5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.43:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.45:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.2:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.22:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.46:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n3:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.47:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.48:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.13.21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n4:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.c15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.21.0:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.20:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.12:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.12.21:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.b22:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.13:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n5:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.14:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.9:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.18.15:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.51:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.14.23:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.k6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.18:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.19.n6:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.16.8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.52:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.16:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.10:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.53:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.11.19:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.k7:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.54:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.11:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.20.u8:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.21.1:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.17.17:*:*:*:*:*:*:*",
                  "cpe:2.3:a:cisco:asr_5000_series_software:21.15.55:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "asr_5000_series_software",
                "vendor": "cisco",
                "versions": [
                  {
                    "status": "affected",
                    "version": "21.15.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.a0"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b15"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.21"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b14"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.22"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b13"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b12"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b17"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.24"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c9"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.25"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.26"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.d0"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.27"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.28"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.d1"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b18"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c10"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.29"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.30"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c11"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.32"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.33"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.36"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b19"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.37"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c12"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.40"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b20"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b21"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c13"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv1"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.41"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv2"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv3"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.sv5"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.43"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.45"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.2"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c14"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.22"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.3"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.46"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n3"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.47"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.48"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.5"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.13.21"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.4"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n4"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.c15"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.21.0"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.20"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.12"
                  },
                  {
                    "status": "affected",
                    "version": "21.12.21"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.b22"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.6"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.13"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n5"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.7"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.14"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.9"
                  },
                  {
                    "status": "affected",
                    "version": "21.18.15"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.51"
                  },
                  {
                    "status": "affected",
                    "version": "21.14.23"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.k6"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.18"
                  },
                  {
                    "status": "affected",
                    "version": "21.19.n6"
                  },
                  {
                    "status": "affected",
                    "version": "21.16.8"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.52"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.16"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.10"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.53"
                  },
                  {
                    "status": "affected",
                    "version": "21.11.19"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.k7"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.54"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.11"
                  },
                  {
                    "status": "affected",
                    "version": "21.20.u8"
                  },
                  {
                    "status": "affected",
                    "version": "21.21.1"
                  },
                  {
                    "status": "affected",
                    "version": "21.17.17"
                  },
                  {
                    "status": "affected",
                    "version": "21.15.55"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1424",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-18T15:57:49.747227Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-18T16:18:16.475Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.15.7"
                },
                {
                  "status": "affected",
                  "version": "21.13.10"
                },
                {
                  "status": "affected",
                  "version": "21.14.1"
                },
                {
                  "status": "affected",
                  "version": "21.11.5"
                },
                {
                  "status": "affected",
                  "version": "21.13.8"
                },
                {
                  "status": "affected",
                  "version": "21.14.5"
                },
                {
                  "status": "affected",
                  "version": "21.12.8"
                },
                {
                  "status": "affected",
                  "version": "21.13.11"
                },
                {
                  "status": "affected",
                  "version": "21.11.8"
                },
                {
                  "status": "affected",
                  "version": "21.12.9"
                },
                {
                  "status": "affected",
                  "version": "21.15.5"
                },
                {
                  "status": "affected",
                  "version": "21.11.7"
                },
                {
                  "status": "affected",
                  "version": "21.13.5"
                },
                {
                  "status": "affected",
                  "version": "21.12.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.2"
                },
                {
                  "status": "affected",
                  "version": "21.11.6"
                },
                {
                  "status": "affected",
                  "version": "21.14.2"
                },
                {
                  "status": "affected",
                  "version": "21.12.3"
                },
                {
                  "status": "affected",
                  "version": "21.15.0"
                },
                {
                  "status": "affected",
                  "version": "21.11.2"
                },
                {
                  "status": "affected",
                  "version": "21.13.7"
                },
                {
                  "status": "affected",
                  "version": "21.12.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.12"
                },
                {
                  "status": "affected",
                  "version": "21.13.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.5"
                },
                {
                  "status": "affected",
                  "version": "21.14.a0"
                },
                {
                  "status": "affected",
                  "version": "21.11.9"
                },
                {
                  "status": "affected",
                  "version": "21.14.0"
                },
                {
                  "status": "affected",
                  "version": "21.11.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.7"
                },
                {
                  "status": "affected",
                  "version": "21.14.3"
                },
                {
                  "status": "affected",
                  "version": "21.12.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.4"
                },
                {
                  "status": "affected",
                  "version": "21.14.6"
                },
                {
                  "status": "affected",
                  "version": "21.15.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.11"
                },
                {
                  "status": "affected",
                  "version": "21.12.10"
                },
                {
                  "status": "affected",
                  "version": "21.14.9"
                },
                {
                  "status": "affected",
                  "version": "21.11.1"
                },
                {
                  "status": "affected",
                  "version": "21.14.7"
                },
                {
                  "status": "affected",
                  "version": "21.11.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.2"
                },
                {
                  "status": "affected",
                  "version": "21.13.14"
                },
                {
                  "status": "affected",
                  "version": "21.12.1"
                },
                {
                  "status": "affected",
                  "version": "21.13.6"
                },
                {
                  "status": "affected",
                  "version": "21.13.12"
                },
                {
                  "status": "affected",
                  "version": "21.15.8"
                },
                {
                  "status": "affected",
                  "version": "21.13.1"
                },
                {
                  "status": "affected",
                  "version": "21.15.1"
                },
                {
                  "status": "affected",
                  "version": "21.15.6"
                },
                {
                  "status": "affected",
                  "version": "21.13.9"
                },
                {
                  "status": "affected",
                  "version": "21.14.4"
                },
                {
                  "status": "affected",
                  "version": "21.13.0"
                },
                {
                  "status": "affected",
                  "version": "21.12.6"
                },
                {
                  "status": "affected",
                  "version": "21.14.8"
                },
                {
                  "status": "affected",
                  "version": "21.11.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.15"
                },
                {
                  "status": "affected",
                  "version": "21.14.11"
                },
                {
                  "status": "affected",
                  "version": "21.17.2"
                },
                {
                  "status": "affected",
                  "version": "21.15.13"
                },
                {
                  "status": "affected",
                  "version": "21.15.12"
                },
                {
                  "status": "affected",
                  "version": "21.14.b15"
                },
                {
                  "status": "affected",
                  "version": "21.17.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.10"
                },
                {
                  "status": "affected",
                  "version": "21.13.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.12"
                },
                {
                  "status": "affected",
                  "version": "21.15.20"
                },
                {
                  "status": "affected",
                  "version": "21.11.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.18"
                },
                {
                  "status": "affected",
                  "version": "21.15.14"
                },
                {
                  "status": "affected",
                  "version": "21.13.15"
                },
                {
                  "status": "affected",
                  "version": "21.15.21"
                },
                {
                  "status": "affected",
                  "version": "21.15.17"
                },
                {
                  "status": "affected",
                  "version": "21.17.1"
                },
                {
                  "status": "affected",
                  "version": "21.14.b14"
                },
                {
                  "status": "affected",
                  "version": "21.12.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.14"
                },
                {
                  "status": "affected",
                  "version": "21.15.19"
                },
                {
                  "status": "affected",
                  "version": "21.15.11"
                },
                {
                  "status": "affected",
                  "version": "21.15.22"
                },
                {
                  "status": "affected",
                  "version": "21.17.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.b13"
                },
                {
                  "status": "affected",
                  "version": "21.15.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.b12"
                },
                {
                  "status": "affected",
                  "version": "21.16.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.b17"
                },
                {
                  "status": "affected",
                  "version": "21.15.24"
                },
                {
                  "status": "affected",
                  "version": "21.16.c9"
                },
                {
                  "status": "affected",
                  "version": "21.15.25"
                },
                {
                  "status": "affected",
                  "version": "21.15.26"
                },
                {
                  "status": "affected",
                  "version": "21.16.d0"
                },
                {
                  "status": "affected",
                  "version": "21.17.4"
                },
                {
                  "status": "affected",
                  "version": "21.15.27"
                },
                {
                  "status": "affected",
                  "version": "21.13.17"
                },
                {
                  "status": "affected",
                  "version": "21.18.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.28"
                },
                {
                  "status": "affected",
                  "version": "21.14.17"
                },
                {
                  "status": "affected",
                  "version": "21.16.d1"
                },
                {
                  "status": "affected",
                  "version": "21.18.1"
                },
                {
                  "status": "affected",
                  "version": "21.16.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.b18"
                },
                {
                  "status": "affected",
                  "version": "21.16.c10"
                },
                {
                  "status": "affected",
                  "version": "21.11.11"
                },
                {
                  "status": "affected",
                  "version": "21.15.29"
                },
                {
                  "status": "affected",
                  "version": "21.15.30"
                },
                {
                  "status": "affected",
                  "version": "21.13.18"
                },
                {
                  "status": "affected",
                  "version": "21.12.16"
                },
                {
                  "status": "affected",
                  "version": "21.17.5"
                },
                {
                  "status": "affected",
                  "version": "21.16.c11"
                },
                {
                  "status": "affected",
                  "version": "21.15.32"
                },
                {
                  "status": "affected",
                  "version": "21.13.19"
                },
                {
                  "status": "affected",
                  "version": "21.15.33"
                },
                {
                  "status": "affected",
                  "version": "21.11.12"
                },
                {
                  "status": "affected",
                  "version": "21.19.0"
                },
                {
                  "status": "affected",
                  "version": "21.18.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.19"
                },
                {
                  "status": "affected",
                  "version": "21.19.1"
                },
                {
                  "status": "affected",
                  "version": "21.17.6"
                },
                {
                  "status": "affected",
                  "version": "21.11.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.17"
                },
                {
                  "status": "affected",
                  "version": "21.15.36"
                },
                {
                  "status": "affected",
                  "version": "21.18.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.b19"
                },
                {
                  "status": "affected",
                  "version": "21.19.2"
                },
                {
                  "status": "affected",
                  "version": "21.15.37"
                },
                {
                  "status": "affected",
                  "version": "21.17.7"
                },
                {
                  "status": "affected",
                  "version": "21.14.20"
                },
                {
                  "status": "affected",
                  "version": "21.16.c12"
                },
                {
                  "status": "affected",
                  "version": "21.18.4"
                },
                {
                  "status": "affected",
                  "version": "21.19.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.20"
                },
                {
                  "status": "affected",
                  "version": "21.15.40"
                },
                {
                  "status": "affected",
                  "version": "21.14.b20"
                },
                {
                  "status": "affected",
                  "version": "21.16.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.5"
                },
                {
                  "status": "affected",
                  "version": "21.14.b21"
                },
                {
                  "status": "affected",
                  "version": "21.16.c13"
                },
                {
                  "status": "affected",
                  "version": "21.11.14"
                },
                {
                  "status": "affected",
                  "version": "21.12.18"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV1"
                },
                {
                  "status": "affected",
                  "version": "21.20.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.41"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV2"
                },
                {
                  "status": "affected",
                  "version": "21.17.8"
                },
                {
                  "status": "affected",
                  "version": "21.20.1"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV3"
                },
                {
                  "status": "affected",
                  "version": "21.16.5"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV5"
                },
                {
                  "status": "affected",
                  "version": "21.15.43"
                },
                {
                  "status": "affected",
                  "version": "21.19.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.6"
                },
                {
                  "status": "affected",
                  "version": "21.15.45"
                },
                {
                  "status": "affected",
                  "version": "21.20.2"
                },
                {
                  "status": "affected",
                  "version": "21.16.c14"
                },
                {
                  "status": "affected",
                  "version": "21.17.9"
                },
                {
                  "status": "affected",
                  "version": "21.11.15"
                },
                {
                  "status": "affected",
                  "version": "21.14.22"
                },
                {
                  "status": "affected",
                  "version": "21.20.3"
                },
                {
                  "status": "affected",
                  "version": "21.15.46"
                },
                {
                  "status": "affected",
                  "version": "21.18.7"
                },
                {
                  "status": "affected",
                  "version": "21.19.n3"
                },
                {
                  "status": "affected",
                  "version": "21.15.47"
                },
                {
                  "status": "affected",
                  "version": "21.15.48"
                },
                {
                  "status": "affected",
                  "version": "21.19.5"
                },
                {
                  "status": "affected",
                  "version": "21.17.10"
                },
                {
                  "status": "affected",
                  "version": "21.18.8"
                },
                {
                  "status": "affected",
                  "version": "21.16.6"
                },
                {
                  "status": "affected",
                  "version": "21.12.19"
                },
                {
                  "status": "affected",
                  "version": "21.13.21"
                },
                {
                  "status": "affected",
                  "version": "21.20.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.9"
                },
                {
                  "status": "affected",
                  "version": "21.19.n4"
                },
                {
                  "status": "affected",
                  "version": "21.17.11"
                },
                {
                  "status": "affected",
                  "version": "21.18.11"
                },
                {
                  "status": "affected",
                  "version": "21.19.6"
                },
                {
                  "status": "affected",
                  "version": "21.16.c15"
                },
                {
                  "status": "affected",
                  "version": "21.16.7"
                },
                {
                  "status": "affected",
                  "version": "21.17.12"
                },
                {
                  "status": "affected",
                  "version": "21.21.0"
                },
                {
                  "status": "affected",
                  "version": "21.17.13"
                },
                {
                  "status": "affected",
                  "version": "21.11.16"
                },
                {
                  "status": "affected",
                  "version": "21.12.20"
                },
                {
                  "status": "affected",
                  "version": "21.18.12"
                },
                {
                  "status": "affected",
                  "version": "21.12.21"
                },
                {
                  "status": "affected",
                  "version": "21.14.b22"
                },
                {
                  "status": "affected",
                  "version": "21.19.7"
                },
                {
                  "status": "affected",
                  "version": "21.20.6"
                },
                {
                  "status": "affected",
                  "version": "21.18.13"
                },
                {
                  "status": "affected",
                  "version": "21.19.n5"
                },
                {
                  "status": "affected",
                  "version": "21.18.14"
                },
                {
                  "status": "affected",
                  "version": "21.20.7"
                },
                {
                  "status": "affected",
                  "version": "21.11.17"
                },
                {
                  "status": "affected",
                  "version": "21.17.14"
                },
                {
                  "status": "affected",
                  "version": "21.19.8"
                },
                {
                  "status": "affected",
                  "version": "21.20.8"
                },
                {
                  "status": "affected",
                  "version": "21.19.9"
                },
                {
                  "status": "affected",
                  "version": "21.17.15"
                },
                {
                  "status": "affected",
                  "version": "21.20.9"
                },
                {
                  "status": "affected",
                  "version": "21.18.15"
                },
                {
                  "status": "affected",
                  "version": "21.15.51"
                },
                {
                  "status": "affected",
                  "version": "21.14.23"
                },
                {
                  "status": "affected",
                  "version": "21.19.10"
                },
                {
                  "status": "affected",
                  "version": "21.20.k6"
                },
                {
                  "status": "affected",
                  "version": "21.11.18"
                },
                {
                  "status": "affected",
                  "version": "21.19.n6"
                },
                {
                  "status": "affected",
                  "version": "21.16.8"
                },
                {
                  "status": "affected",
                  "version": "21.15.52"
                },
                {
                  "status": "affected",
                  "version": "21.17.16"
                },
                {
                  "status": "affected",
                  "version": "21.20.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.53"
                },
                {
                  "status": "affected",
                  "version": "21.11.19"
                },
                {
                  "status": "affected",
                  "version": "21.20.k7"
                },
                {
                  "status": "affected",
                  "version": "21.15.54"
                },
                {
                  "status": "affected",
                  "version": "21.20.11"
                },
                {
                  "status": "affected",
                  "version": "21.20.u8"
                },
                {
                  "status": "affected",
                  "version": "21.21.1"
                },
                {
                  "status": "affected",
                  "version": "21.17.17"
                },
                {
                  "status": "affected",
                  "version": "21.15.55"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the ipsecmgr process of Cisco\u0026nbsp;ASR 5000 Series Software (StarOS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.\r\nThis vulnerability is due to insufficient validation of incoming Internet Key Exchange Version 2 (IKEv2) packets. An attacker could exploit this vulnerability by sending specifically malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause the ipsecmgr process to restart, which would disrupt ongoing IKE negotiations and result in a temporary DoS condition.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco\u00a0Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/RL:X/RC:X/E:X",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-18T15:35:11.060Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-staros-ipsecmgr-dos-3gkHXwvS",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ipsecmgr-dos-3gkHXwvS"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM\u003c/a\u003e\u003c/p\u003e\u003cp\u003eThis advisory is part of the October 2021 release of the Cisco\u0026nbsp;ASA, FTD, and FMC Security Advisory Bundled publication. For a complete list of the advisories and links to them, see \u003ca href=\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74773\"\u003eCisco\u0026nbsp;Event Response: October 2021 Cisco\u0026nbsp;ASA, FMC, and FTD Software Security Advisory Bundled Publication",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-webui-gQLSFyPM"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-sigverbypass-gPYXd6Mk"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-info-disclo-VOu2GHbZ"
            },
            {
              "name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrbgp-rpki-dos-gvmjqxbk\u003c/a\u003e\u003c/p\u003e\u003cp\u003eThis advisory is part of the September 2021 release of the Cisco\u0026nbsp;IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see \u003ca href=\"https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74637\"\u003eCisco\u0026nbsp;Event Response: September 2021 Cisco\u0026nbsp;IOS XR Software Security Advisory Bundled Publication",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrbgp-rpki-dos-gvmjqxbk"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-ipsecmgr-dos-3gkHXwvS",
            "defects": [
              "CSCvv74352"
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Software (StarOS)  ipsecmgr Process Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1424",
        "datePublished": "2024-11-18T15:35:11.060Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-18T16:18:16.475Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20046 (GCVE-0-2023-20046)

    Vulnerability from cvelistv5 – Published: 2023-05-09 13:06 – Updated: 2024-08-02 08:57
    VLAI
    Summary
    A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user. There are workarounds that address this vulnerability.
    CWE
    • CWE-289 - Authentication Bypass by Alternate Name
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: 21.11.0
    Affected: 21.11.1
    Affected: 21.11.2
    Affected: 21.11.3
    Affected: 21.11.10
    Affected: 21.11.11
    Affected: 21.11.12
    Affected: 21.11.13
    Affected: 21.11.14
    Affected: 21.11.4
    Affected: 21.11.5
    Affected: 21.11.6
    Affected: 21.11.7
    Affected: 21.11.8
    Affected: 21.11.9
    Affected: 21.11.15
    Affected: 21.11.16
    Affected: 21.11.17
    Affected: 21.11.18
    Affected: 21.11.19
    Affected: 21.11.20
    Affected: 21.11.21
    Affected: 21.12.0
    Affected: 21.12.1
    Affected: 21.12.2
    Affected: 21.12.3
    Affected: 21.12.4
    Affected: 21.12.5
    Affected: 21.12.6
    Affected: 21.12.10
    Affected: 21.12.11
    Affected: 21.12.12
    Affected: 21.12.13
    Affected: 21.12.14
    Affected: 21.12.16
    Affected: 21.12.17
    Affected: 21.12.18
    Affected: 21.12.7
    Affected: 21.12.8
    Affected: 21.12.9
    Affected: 21.12.19
    Affected: 21.12.20
    Affected: 21.12.21
    Affected: 21.12.22
    Affected: 21.12.15
    Affected: 21.13.0
    Affected: 21.13.1
    Affected: 21.13.2
    Affected: 21.13.3
    Affected: 21.13.4
    Affected: 21.13.10
    Affected: 21.13.11
    Affected: 21.13.12
    Affected: 21.13.13
    Affected: 21.13.14
    Affected: 21.13.15
    Affected: 21.13.16
    Affected: 21.13.17
    Affected: 21.13.18
    Affected: 21.13.19
    Affected: 21.13.20
    Affected: 21.13.5
    Affected: 21.13.6
    Affected: 21.13.7
    Affected: 21.13.8
    Affected: 21.13.9
    Affected: 21.13.21
    Affected: 21.14.0
    Affected: 21.14.1
    Affected: 21.14.10
    Affected: 21.14.11
    Affected: 21.14.12
    Affected: 21.14.16
    Affected: 21.14.17
    Affected: 21.14.19
    Affected: 21.14.2
    Affected: 21.14.20
    Affected: 21.14.3
    Affected: 21.14.4
    Affected: 21.14.5
    Affected: 21.14.6
    Affected: 21.14.7
    Affected: 21.14.8
    Affected: 21.14.9
    Affected: 21.14.b12
    Affected: 21.14.b13
    Affected: 21.14.b14
    Affected: 21.14.b15
    Affected: 21.14.b17
    Affected: 21.14.b18
    Affected: 21.14.b19
    Affected: 21.14.b20
    Affected: 21.14.b21
    Affected: 21.14.22
    Affected: 21.14.b22
    Affected: 21.14.23
    Affected: 21.15.0
    Affected: 21.15.1
    Affected: 21.15.10
    Affected: 21.15.11
    Affected: 21.15.12
    Affected: 21.15.13
    Affected: 21.15.14
    Affected: 21.15.15
    Affected: 21.15.16
    Affected: 21.15.17
    Affected: 21.15.18
    Affected: 21.15.19
    Affected: 21.15.2
    Affected: 21.15.20
    Affected: 21.15.21
    Affected: 21.15.22
    Affected: 21.15.24
    Affected: 21.15.25
    Affected: 21.15.26
    Affected: 21.15.27
    Affected: 21.15.28
    Affected: 21.15.29
    Affected: 21.15.3
    Affected: 21.15.30
    Affected: 21.15.32
    Affected: 21.15.33
    Affected: 21.15.36
    Affected: 21.15.37
    Affected: 21.15.39
    Affected: 21.15.4
    Affected: 21.15.40
    Affected: 21.15.41
    Affected: 21.15.5
    Affected: 21.15.6
    Affected: 21.15.7
    Affected: 21.15.8
    Affected: 21.15.43
    Affected: 21.15.45
    Affected: 21.15.46
    Affected: 21.15.47
    Affected: 21.15.48
    Affected: 21.15.51
    Affected: 21.15.52
    Affected: 21.15.53
    Affected: 21.15.54
    Affected: 21.15.55
    Affected: 21.15.57
    Affected: 21.15.58
    Affected: 21.15.59
    Affected: 21.15.60
    Affected: 21.16.2
    Affected: 21.16.3
    Affected: 21.16.4
    Affected: 21.16.5
    Affected: 21.16.c10
    Affected: 21.16.c11
    Affected: 21.16.c12
    Affected: 21.16.c13
    Affected: 21.16.c9
    Affected: 21.16.d0
    Affected: 21.16.d1
    Affected: 21.16.6
    Affected: 21.16.c14
    Affected: 21.16.7
    Affected: 21.16.c15
    Affected: 21.16.8
    Affected: 21.16.c16
    Affected: 21.16.10
    Affected: 21.16.9
    Affected: 21.16.c17
    Affected: 21.16.c18
    Affected: 21.16.c19
    Affected: 21.17.0
    Affected: 21.17.1
    Affected: 21.17.2
    Affected: 21.17.3
    Affected: 21.17.4
    Affected: 21.17.5
    Affected: 21.17.6
    Affected: 21.17.7
    Affected: 21.17.8
    Affected: 21.17.10
    Affected: 21.17.11
    Affected: 21.17.9
    Affected: 21.17.12
    Affected: 21.17.13
    Affected: 21.17.14
    Affected: 21.17.15
    Affected: 21.17.16
    Affected: 21.17.17
    Affected: 21.17.18
    Affected: 21.17.19
    Affected: 21.18.0
    Affected: 21.18.1
    Affected: 21.18.2
    Affected: 21.18.3
    Affected: 21.18.4
    Affected: 21.18.5
    Affected: 21.18.11
    Affected: 21.18.6
    Affected: 21.18.7
    Affected: 21.18.8
    Affected: 21.18.9
    Affected: 21.18.12
    Affected: 21.18.13
    Affected: 21.18.14
    Affected: 21.18.15
    Affected: 21.18.16
    Affected: 21.18.17
    Affected: 21.18.18
    Affected: 21.18.19
    Affected: 21.18.20
    Affected: 21.18.21
    Affected: 21.18.22
    Affected: 21.18.23
    Affected: 21.18.24
    Affected: 21.18.25
    Affected: 21.18.26
    Affected: 21.19.0
    Affected: 21.19.1
    Affected: 21.19.2
    Affected: 21.19.3
    Affected: 21.19.n2
    Affected: 21.19.4
    Affected: 21.19.5
    Affected: 21.19.n3
    Affected: 21.19.n4
    Affected: 21.19.6
    Affected: 21.19.7
    Affected: 21.19.8
    Affected: 21.19.n5
    Affected: 21.19.10
    Affected: 21.19.9
    Affected: 21.19.n6
    Affected: 21.19.n7
    Affected: 21.19.n8
    Affected: 21.19.11
    Affected: 21.19.n10
    Affected: 21.19.n11
    Affected: 21.19.n12
    Affected: 21.19.n13
    Affected: 21.19.n14
    Affected: 21.19.n15
    Affected: 21.19.n16
    Affected: 21.19.n9
    Affected: 21.19.n17
    Affected: 21.19.n18
    Affected: 21.20.0
    Affected: 21.20.1
    Affected: 21.20.SV1
    Affected: 21.20.SV3
    Affected: 21.20.SV5
    Affected: 21.20.2
    Affected: 21.20.3
    Affected: 21.20.4
    Affected: 21.20.5
    Affected: 21.20.6
    Affected: 21.20.7
    Affected: 21.20.8
    Affected: 21.20.9
    Affected: 21.20.k6
    Affected: 21.20.10
    Affected: 21.20.11
    Affected: 21.20.k7
    Affected: 21.20.u8
    Affected: 21.20.12
    Affected: 21.20.13
    Affected: 21.20.14
    Affected: 21.20.k8
    Affected: 21.20.p9
    Affected: 21.20.15
    Affected: 21.20.16
    Affected: 21.20.17
    Affected: 21.20.18
    Affected: 21.20.19
    Affected: 21.20.20
    Affected: 21.20.21
    Affected: 21.20.22
    Affected: 21.20.23
    Affected: 21.20.24
    Affected: 21.20.25
    Affected: 21.20.26
    Affected: 21.20.28
    Affected: 21.20.29
    Affected: 21.20.30
    Affected: 21.20.c22
    Affected: 21.20.31
    Affected: 21.20.32
    Affected: 21.20.33
    Affected: 21.20.34
    Affected: 21.20.35
    Affected: 21.20.27
    Affected: 21.20.SV2
    Affected: 21.21.0
    Affected: 21.21.1
    Affected: 21.21.2
    Affected: 21.21.3
    Affected: 21.21.KS2
    Affected: 21.22.0
    Affected: 21.22.n2
    Affected: 21.22.n3
    Affected: 21.22.3
    Affected: 21.22.4
    Affected: 21.22.5
    Affected: 21.22.uj3
    Affected: 21.22.11
    Affected: 21.22.6
    Affected: 21.22.7
    Affected: 21.22.8
    Affected: 21.22.n4
    Affected: 21.22.n5
    Affected: 21.22.ua0
    Affected: 21.22.ua2
    Affected: 21.22.ua3
    Affected: 21.22.ua5
    Affected: 21.22.12
    Affected: 21.22.13
    Affected: 21.22.n10
    Affected: 21.22.n11
    Affected: 21.22.n12
    Affected: 21.22.n6
    Affected: 21.22.n7
    Affected: 21.22.n8
    Affected: 21.22.n9
    Affected: 21.22.n13
    Affected: 21.23.0
    Affected: 21.23.1
    Affected: 21.23.10
    Affected: 21.23.11
    Affected: 21.23.12
    Affected: 21.23.13
    Affected: 21.23.14
    Affected: 21.23.15
    Affected: 21.23.16
    Affected: 21.23.17
    Affected: 21.23.2
    Affected: 21.23.3
    Affected: 21.23.4
    Affected: 21.23.5
    Affected: 21.23.6
    Affected: 21.23.7
    Affected: 21.23.8
    Affected: 21.23.9
    Affected: 21.23.b2
    Affected: 21.23.b3
    Affected: 21.23.c16
    Affected: 21.23.c17
    Affected: 21.23.n6
    Affected: 21.23.n7
    Affected: 21.23.n9
    Affected: 21.23.18
    Affected: 21.23.19
    Affected: 21.23.21
    Affected: 21.23.22
    Affected: 21.23.23
    Affected: 21.23.24
    Affected: 21.23.25
    Affected: 21.23.26
    Affected: 21.23.27
    Affected: 21.23.29
    Affected: 21.23.30
    Affected: 21.23.c18
    Affected: 21.23.n10
    Affected: 21.23.n11
    Affected: 21.23.n8
    Affected: 21.23.yn14
    Affected: 21.24.0
    Affected: 21.24.1
    Affected: 21.24.2
    Affected: 21.24.3
    Affected: 21.25.0
    Affected: 21.25.3
    Affected: 21.25.4
    Affected: 21.25.5
    Affected: 21.25.10
    Affected: 21.25.11
    Affected: 21.25.12
    Affected: 21.25.13
    Affected: 21.25.14
    Affected: 21.25.6
    Affected: 21.25.7
    Affected: 21.25.8
    Affected: 21.25.9
    Affected: 21.26.0
    Affected: 21.26.1
    Affected: 21.26.10
    Affected: 21.26.13
    Affected: 21.26.14
    Affected: 21.26.15
    Affected: 21.26.3
    Affected: 21.26.5
    Affected: 21.26.6
    Affected: 21.26.7
    Affected: 21.26.17
    Affected: 21.27.0
    Affected: 21.27.1
    Affected: 21.27.2
    Affected: 21.27.3
    Affected: 21.27.4
    Affected: 21.27.5
    Affected: 21.27.m0
    Affected: 21.28.0
    Affected: 21.28.1
    Affected: 21.28.2
    Affected: 21.28.m0
    Affected: 21.28.m1
    Affected: 21.28.m2
    Affected: 21.28.m3
    Create a notification for this product.
    Cisco Cisco Ultra Cloud Core - User Plane Function Affected: N/A
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "21.11.0"
                },
                {
                  "status": "affected",
                  "version": "21.11.1"
                },
                {
                  "status": "affected",
                  "version": "21.11.2"
                },
                {
                  "status": "affected",
                  "version": "21.11.3"
                },
                {
                  "status": "affected",
                  "version": "21.11.10"
                },
                {
                  "status": "affected",
                  "version": "21.11.11"
                },
                {
                  "status": "affected",
                  "version": "21.11.12"
                },
                {
                  "status": "affected",
                  "version": "21.11.13"
                },
                {
                  "status": "affected",
                  "version": "21.11.14"
                },
                {
                  "status": "affected",
                  "version": "21.11.4"
                },
                {
                  "status": "affected",
                  "version": "21.11.5"
                },
                {
                  "status": "affected",
                  "version": "21.11.6"
                },
                {
                  "status": "affected",
                  "version": "21.11.7"
                },
                {
                  "status": "affected",
                  "version": "21.11.8"
                },
                {
                  "status": "affected",
                  "version": "21.11.9"
                },
                {
                  "status": "affected",
                  "version": "21.11.15"
                },
                {
                  "status": "affected",
                  "version": "21.11.16"
                },
                {
                  "status": "affected",
                  "version": "21.11.17"
                },
                {
                  "status": "affected",
                  "version": "21.11.18"
                },
                {
                  "status": "affected",
                  "version": "21.11.19"
                },
                {
                  "status": "affected",
                  "version": "21.11.20"
                },
                {
                  "status": "affected",
                  "version": "21.11.21"
                },
                {
                  "status": "affected",
                  "version": "21.12.0"
                },
                {
                  "status": "affected",
                  "version": "21.12.1"
                },
                {
                  "status": "affected",
                  "version": "21.12.2"
                },
                {
                  "status": "affected",
                  "version": "21.12.3"
                },
                {
                  "status": "affected",
                  "version": "21.12.4"
                },
                {
                  "status": "affected",
                  "version": "21.12.5"
                },
                {
                  "status": "affected",
                  "version": "21.12.6"
                },
                {
                  "status": "affected",
                  "version": "21.12.10"
                },
                {
                  "status": "affected",
                  "version": "21.12.11"
                },
                {
                  "status": "affected",
                  "version": "21.12.12"
                },
                {
                  "status": "affected",
                  "version": "21.12.13"
                },
                {
                  "status": "affected",
                  "version": "21.12.14"
                },
                {
                  "status": "affected",
                  "version": "21.12.16"
                },
                {
                  "status": "affected",
                  "version": "21.12.17"
                },
                {
                  "status": "affected",
                  "version": "21.12.18"
                },
                {
                  "status": "affected",
                  "version": "21.12.7"
                },
                {
                  "status": "affected",
                  "version": "21.12.8"
                },
                {
                  "status": "affected",
                  "version": "21.12.9"
                },
                {
                  "status": "affected",
                  "version": "21.12.19"
                },
                {
                  "status": "affected",
                  "version": "21.12.20"
                },
                {
                  "status": "affected",
                  "version": "21.12.21"
                },
                {
                  "status": "affected",
                  "version": "21.12.22"
                },
                {
                  "status": "affected",
                  "version": "21.12.15"
                },
                {
                  "status": "affected",
                  "version": "21.13.0"
                },
                {
                  "status": "affected",
                  "version": "21.13.1"
                },
                {
                  "status": "affected",
                  "version": "21.13.2"
                },
                {
                  "status": "affected",
                  "version": "21.13.3"
                },
                {
                  "status": "affected",
                  "version": "21.13.4"
                },
                {
                  "status": "affected",
                  "version": "21.13.10"
                },
                {
                  "status": "affected",
                  "version": "21.13.11"
                },
                {
                  "status": "affected",
                  "version": "21.13.12"
                },
                {
                  "status": "affected",
                  "version": "21.13.13"
                },
                {
                  "status": "affected",
                  "version": "21.13.14"
                },
                {
                  "status": "affected",
                  "version": "21.13.15"
                },
                {
                  "status": "affected",
                  "version": "21.13.16"
                },
                {
                  "status": "affected",
                  "version": "21.13.17"
                },
                {
                  "status": "affected",
                  "version": "21.13.18"
                },
                {
                  "status": "affected",
                  "version": "21.13.19"
                },
                {
                  "status": "affected",
                  "version": "21.13.20"
                },
                {
                  "status": "affected",
                  "version": "21.13.5"
                },
                {
                  "status": "affected",
                  "version": "21.13.6"
                },
                {
                  "status": "affected",
                  "version": "21.13.7"
                },
                {
                  "status": "affected",
                  "version": "21.13.8"
                },
                {
                  "status": "affected",
                  "version": "21.13.9"
                },
                {
                  "status": "affected",
                  "version": "21.13.21"
                },
                {
                  "status": "affected",
                  "version": "21.14.0"
                },
                {
                  "status": "affected",
                  "version": "21.14.1"
                },
                {
                  "status": "affected",
                  "version": "21.14.10"
                },
                {
                  "status": "affected",
                  "version": "21.14.11"
                },
                {
                  "status": "affected",
                  "version": "21.14.12"
                },
                {
                  "status": "affected",
                  "version": "21.14.16"
                },
                {
                  "status": "affected",
                  "version": "21.14.17"
                },
                {
                  "status": "affected",
                  "version": "21.14.19"
                },
                {
                  "status": "affected",
                  "version": "21.14.2"
                },
                {
                  "status": "affected",
                  "version": "21.14.20"
                },
                {
                  "status": "affected",
                  "version": "21.14.3"
                },
                {
                  "status": "affected",
                  "version": "21.14.4"
                },
                {
                  "status": "affected",
                  "version": "21.14.5"
                },
                {
                  "status": "affected",
                  "version": "21.14.6"
                },
                {
                  "status": "affected",
                  "version": "21.14.7"
                },
                {
                  "status": "affected",
                  "version": "21.14.8"
                },
                {
                  "status": "affected",
                  "version": "21.14.9"
                },
                {
                  "status": "affected",
                  "version": "21.14.b12"
                },
                {
                  "status": "affected",
                  "version": "21.14.b13"
                },
                {
                  "status": "affected",
                  "version": "21.14.b14"
                },
                {
                  "status": "affected",
                  "version": "21.14.b15"
                },
                {
                  "status": "affected",
                  "version": "21.14.b17"
                },
                {
                  "status": "affected",
                  "version": "21.14.b18"
                },
                {
                  "status": "affected",
                  "version": "21.14.b19"
                },
                {
                  "status": "affected",
                  "version": "21.14.b20"
                },
                {
                  "status": "affected",
                  "version": "21.14.b21"
                },
                {
                  "status": "affected",
                  "version": "21.14.22"
                },
                {
                  "status": "affected",
                  "version": "21.14.b22"
                },
                {
                  "status": "affected",
                  "version": "21.14.23"
                },
                {
                  "status": "affected",
                  "version": "21.15.0"
                },
                {
                  "status": "affected",
                  "version": "21.15.1"
                },
                {
                  "status": "affected",
                  "version": "21.15.10"
                },
                {
                  "status": "affected",
                  "version": "21.15.11"
                },
                {
                  "status": "affected",
                  "version": "21.15.12"
                },
                {
                  "status": "affected",
                  "version": "21.15.13"
                },
                {
                  "status": "affected",
                  "version": "21.15.14"
                },
                {
                  "status": "affected",
                  "version": "21.15.15"
                },
                {
                  "status": "affected",
                  "version": "21.15.16"
                },
                {
                  "status": "affected",
                  "version": "21.15.17"
                },
                {
                  "status": "affected",
                  "version": "21.15.18"
                },
                {
                  "status": "affected",
                  "version": "21.15.19"
                },
                {
                  "status": "affected",
                  "version": "21.15.2"
                },
                {
                  "status": "affected",
                  "version": "21.15.20"
                },
                {
                  "status": "affected",
                  "version": "21.15.21"
                },
                {
                  "status": "affected",
                  "version": "21.15.22"
                },
                {
                  "status": "affected",
                  "version": "21.15.24"
                },
                {
                  "status": "affected",
                  "version": "21.15.25"
                },
                {
                  "status": "affected",
                  "version": "21.15.26"
                },
                {
                  "status": "affected",
                  "version": "21.15.27"
                },
                {
                  "status": "affected",
                  "version": "21.15.28"
                },
                {
                  "status": "affected",
                  "version": "21.15.29"
                },
                {
                  "status": "affected",
                  "version": "21.15.3"
                },
                {
                  "status": "affected",
                  "version": "21.15.30"
                },
                {
                  "status": "affected",
                  "version": "21.15.32"
                },
                {
                  "status": "affected",
                  "version": "21.15.33"
                },
                {
                  "status": "affected",
                  "version": "21.15.36"
                },
                {
                  "status": "affected",
                  "version": "21.15.37"
                },
                {
                  "status": "affected",
                  "version": "21.15.39"
                },
                {
                  "status": "affected",
                  "version": "21.15.4"
                },
                {
                  "status": "affected",
                  "version": "21.15.40"
                },
                {
                  "status": "affected",
                  "version": "21.15.41"
                },
                {
                  "status": "affected",
                  "version": "21.15.5"
                },
                {
                  "status": "affected",
                  "version": "21.15.6"
                },
                {
                  "status": "affected",
                  "version": "21.15.7"
                },
                {
                  "status": "affected",
                  "version": "21.15.8"
                },
                {
                  "status": "affected",
                  "version": "21.15.43"
                },
                {
                  "status": "affected",
                  "version": "21.15.45"
                },
                {
                  "status": "affected",
                  "version": "21.15.46"
                },
                {
                  "status": "affected",
                  "version": "21.15.47"
                },
                {
                  "status": "affected",
                  "version": "21.15.48"
                },
                {
                  "status": "affected",
                  "version": "21.15.51"
                },
                {
                  "status": "affected",
                  "version": "21.15.52"
                },
                {
                  "status": "affected",
                  "version": "21.15.53"
                },
                {
                  "status": "affected",
                  "version": "21.15.54"
                },
                {
                  "status": "affected",
                  "version": "21.15.55"
                },
                {
                  "status": "affected",
                  "version": "21.15.57"
                },
                {
                  "status": "affected",
                  "version": "21.15.58"
                },
                {
                  "status": "affected",
                  "version": "21.15.59"
                },
                {
                  "status": "affected",
                  "version": "21.15.60"
                },
                {
                  "status": "affected",
                  "version": "21.16.2"
                },
                {
                  "status": "affected",
                  "version": "21.16.3"
                },
                {
                  "status": "affected",
                  "version": "21.16.4"
                },
                {
                  "status": "affected",
                  "version": "21.16.5"
                },
                {
                  "status": "affected",
                  "version": "21.16.c10"
                },
                {
                  "status": "affected",
                  "version": "21.16.c11"
                },
                {
                  "status": "affected",
                  "version": "21.16.c12"
                },
                {
                  "status": "affected",
                  "version": "21.16.c13"
                },
                {
                  "status": "affected",
                  "version": "21.16.c9"
                },
                {
                  "status": "affected",
                  "version": "21.16.d0"
                },
                {
                  "status": "affected",
                  "version": "21.16.d1"
                },
                {
                  "status": "affected",
                  "version": "21.16.6"
                },
                {
                  "status": "affected",
                  "version": "21.16.c14"
                },
                {
                  "status": "affected",
                  "version": "21.16.7"
                },
                {
                  "status": "affected",
                  "version": "21.16.c15"
                },
                {
                  "status": "affected",
                  "version": "21.16.8"
                },
                {
                  "status": "affected",
                  "version": "21.16.c16"
                },
                {
                  "status": "affected",
                  "version": "21.16.10"
                },
                {
                  "status": "affected",
                  "version": "21.16.9"
                },
                {
                  "status": "affected",
                  "version": "21.16.c17"
                },
                {
                  "status": "affected",
                  "version": "21.16.c18"
                },
                {
                  "status": "affected",
                  "version": "21.16.c19"
                },
                {
                  "status": "affected",
                  "version": "21.17.0"
                },
                {
                  "status": "affected",
                  "version": "21.17.1"
                },
                {
                  "status": "affected",
                  "version": "21.17.2"
                },
                {
                  "status": "affected",
                  "version": "21.17.3"
                },
                {
                  "status": "affected",
                  "version": "21.17.4"
                },
                {
                  "status": "affected",
                  "version": "21.17.5"
                },
                {
                  "status": "affected",
                  "version": "21.17.6"
                },
                {
                  "status": "affected",
                  "version": "21.17.7"
                },
                {
                  "status": "affected",
                  "version": "21.17.8"
                },
                {
                  "status": "affected",
                  "version": "21.17.10"
                },
                {
                  "status": "affected",
                  "version": "21.17.11"
                },
                {
                  "status": "affected",
                  "version": "21.17.9"
                },
                {
                  "status": "affected",
                  "version": "21.17.12"
                },
                {
                  "status": "affected",
                  "version": "21.17.13"
                },
                {
                  "status": "affected",
                  "version": "21.17.14"
                },
                {
                  "status": "affected",
                  "version": "21.17.15"
                },
                {
                  "status": "affected",
                  "version": "21.17.16"
                },
                {
                  "status": "affected",
                  "version": "21.17.17"
                },
                {
                  "status": "affected",
                  "version": "21.17.18"
                },
                {
                  "status": "affected",
                  "version": "21.17.19"
                },
                {
                  "status": "affected",
                  "version": "21.18.0"
                },
                {
                  "status": "affected",
                  "version": "21.18.1"
                },
                {
                  "status": "affected",
                  "version": "21.18.2"
                },
                {
                  "status": "affected",
                  "version": "21.18.3"
                },
                {
                  "status": "affected",
                  "version": "21.18.4"
                },
                {
                  "status": "affected",
                  "version": "21.18.5"
                },
                {
                  "status": "affected",
                  "version": "21.18.11"
                },
                {
                  "status": "affected",
                  "version": "21.18.6"
                },
                {
                  "status": "affected",
                  "version": "21.18.7"
                },
                {
                  "status": "affected",
                  "version": "21.18.8"
                },
                {
                  "status": "affected",
                  "version": "21.18.9"
                },
                {
                  "status": "affected",
                  "version": "21.18.12"
                },
                {
                  "status": "affected",
                  "version": "21.18.13"
                },
                {
                  "status": "affected",
                  "version": "21.18.14"
                },
                {
                  "status": "affected",
                  "version": "21.18.15"
                },
                {
                  "status": "affected",
                  "version": "21.18.16"
                },
                {
                  "status": "affected",
                  "version": "21.18.17"
                },
                {
                  "status": "affected",
                  "version": "21.18.18"
                },
                {
                  "status": "affected",
                  "version": "21.18.19"
                },
                {
                  "status": "affected",
                  "version": "21.18.20"
                },
                {
                  "status": "affected",
                  "version": "21.18.21"
                },
                {
                  "status": "affected",
                  "version": "21.18.22"
                },
                {
                  "status": "affected",
                  "version": "21.18.23"
                },
                {
                  "status": "affected",
                  "version": "21.18.24"
                },
                {
                  "status": "affected",
                  "version": "21.18.25"
                },
                {
                  "status": "affected",
                  "version": "21.18.26"
                },
                {
                  "status": "affected",
                  "version": "21.19.0"
                },
                {
                  "status": "affected",
                  "version": "21.19.1"
                },
                {
                  "status": "affected",
                  "version": "21.19.2"
                },
                {
                  "status": "affected",
                  "version": "21.19.3"
                },
                {
                  "status": "affected",
                  "version": "21.19.n2"
                },
                {
                  "status": "affected",
                  "version": "21.19.4"
                },
                {
                  "status": "affected",
                  "version": "21.19.5"
                },
                {
                  "status": "affected",
                  "version": "21.19.n3"
                },
                {
                  "status": "affected",
                  "version": "21.19.n4"
                },
                {
                  "status": "affected",
                  "version": "21.19.6"
                },
                {
                  "status": "affected",
                  "version": "21.19.7"
                },
                {
                  "status": "affected",
                  "version": "21.19.8"
                },
                {
                  "status": "affected",
                  "version": "21.19.n5"
                },
                {
                  "status": "affected",
                  "version": "21.19.10"
                },
                {
                  "status": "affected",
                  "version": "21.19.9"
                },
                {
                  "status": "affected",
                  "version": "21.19.n6"
                },
                {
                  "status": "affected",
                  "version": "21.19.n7"
                },
                {
                  "status": "affected",
                  "version": "21.19.n8"
                },
                {
                  "status": "affected",
                  "version": "21.19.11"
                },
                {
                  "status": "affected",
                  "version": "21.19.n10"
                },
                {
                  "status": "affected",
                  "version": "21.19.n11"
                },
                {
                  "status": "affected",
                  "version": "21.19.n12"
                },
                {
                  "status": "affected",
                  "version": "21.19.n13"
                },
                {
                  "status": "affected",
                  "version": "21.19.n14"
                },
                {
                  "status": "affected",
                  "version": "21.19.n15"
                },
                {
                  "status": "affected",
                  "version": "21.19.n16"
                },
                {
                  "status": "affected",
                  "version": "21.19.n9"
                },
                {
                  "status": "affected",
                  "version": "21.19.n17"
                },
                {
                  "status": "affected",
                  "version": "21.19.n18"
                },
                {
                  "status": "affected",
                  "version": "21.20.0"
                },
                {
                  "status": "affected",
                  "version": "21.20.1"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV1"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV3"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV5"
                },
                {
                  "status": "affected",
                  "version": "21.20.2"
                },
                {
                  "status": "affected",
                  "version": "21.20.3"
                },
                {
                  "status": "affected",
                  "version": "21.20.4"
                },
                {
                  "status": "affected",
                  "version": "21.20.5"
                },
                {
                  "status": "affected",
                  "version": "21.20.6"
                },
                {
                  "status": "affected",
                  "version": "21.20.7"
                },
                {
                  "status": "affected",
                  "version": "21.20.8"
                },
                {
                  "status": "affected",
                  "version": "21.20.9"
                },
                {
                  "status": "affected",
                  "version": "21.20.k6"
                },
                {
                  "status": "affected",
                  "version": "21.20.10"
                },
                {
                  "status": "affected",
                  "version": "21.20.11"
                },
                {
                  "status": "affected",
                  "version": "21.20.k7"
                },
                {
                  "status": "affected",
                  "version": "21.20.u8"
                },
                {
                  "status": "affected",
                  "version": "21.20.12"
                },
                {
                  "status": "affected",
                  "version": "21.20.13"
                },
                {
                  "status": "affected",
                  "version": "21.20.14"
                },
                {
                  "status": "affected",
                  "version": "21.20.k8"
                },
                {
                  "status": "affected",
                  "version": "21.20.p9"
                },
                {
                  "status": "affected",
                  "version": "21.20.15"
                },
                {
                  "status": "affected",
                  "version": "21.20.16"
                },
                {
                  "status": "affected",
                  "version": "21.20.17"
                },
                {
                  "status": "affected",
                  "version": "21.20.18"
                },
                {
                  "status": "affected",
                  "version": "21.20.19"
                },
                {
                  "status": "affected",
                  "version": "21.20.20"
                },
                {
                  "status": "affected",
                  "version": "21.20.21"
                },
                {
                  "status": "affected",
                  "version": "21.20.22"
                },
                {
                  "status": "affected",
                  "version": "21.20.23"
                },
                {
                  "status": "affected",
                  "version": "21.20.24"
                },
                {
                  "status": "affected",
                  "version": "21.20.25"
                },
                {
                  "status": "affected",
                  "version": "21.20.26"
                },
                {
                  "status": "affected",
                  "version": "21.20.28"
                },
                {
                  "status": "affected",
                  "version": "21.20.29"
                },
                {
                  "status": "affected",
                  "version": "21.20.30"
                },
                {
                  "status": "affected",
                  "version": "21.20.c22"
                },
                {
                  "status": "affected",
                  "version": "21.20.31"
                },
                {
                  "status": "affected",
                  "version": "21.20.32"
                },
                {
                  "status": "affected",
                  "version": "21.20.33"
                },
                {
                  "status": "affected",
                  "version": "21.20.34"
                },
                {
                  "status": "affected",
                  "version": "21.20.35"
                },
                {
                  "status": "affected",
                  "version": "21.20.27"
                },
                {
                  "status": "affected",
                  "version": "21.20.SV2"
                },
                {
                  "status": "affected",
                  "version": "21.21.0"
                },
                {
                  "status": "affected",
                  "version": "21.21.1"
                },
                {
                  "status": "affected",
                  "version": "21.21.2"
                },
                {
                  "status": "affected",
                  "version": "21.21.3"
                },
                {
                  "status": "affected",
                  "version": "21.21.KS2"
                },
                {
                  "status": "affected",
                  "version": "21.22.0"
                },
                {
                  "status": "affected",
                  "version": "21.22.n2"
                },
                {
                  "status": "affected",
                  "version": "21.22.n3"
                },
                {
                  "status": "affected",
                  "version": "21.22.3"
                },
                {
                  "status": "affected",
                  "version": "21.22.4"
                },
                {
                  "status": "affected",
                  "version": "21.22.5"
                },
                {
                  "status": "affected",
                  "version": "21.22.uj3"
                },
                {
                  "status": "affected",
                  "version": "21.22.11"
                },
                {
                  "status": "affected",
                  "version": "21.22.6"
                },
                {
                  "status": "affected",
                  "version": "21.22.7"
                },
                {
                  "status": "affected",
                  "version": "21.22.8"
                },
                {
                  "status": "affected",
                  "version": "21.22.n4"
                },
                {
                  "status": "affected",
                  "version": "21.22.n5"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua0"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua2"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua3"
                },
                {
                  "status": "affected",
                  "version": "21.22.ua5"
                },
                {
                  "status": "affected",
                  "version": "21.22.12"
                },
                {
                  "status": "affected",
                  "version": "21.22.13"
                },
                {
                  "status": "affected",
                  "version": "21.22.n10"
                },
                {
                  "status": "affected",
                  "version": "21.22.n11"
                },
                {
                  "status": "affected",
                  "version": "21.22.n12"
                },
                {
                  "status": "affected",
                  "version": "21.22.n6"
                },
                {
                  "status": "affected",
                  "version": "21.22.n7"
                },
                {
                  "status": "affected",
                  "version": "21.22.n8"
                },
                {
                  "status": "affected",
                  "version": "21.22.n9"
                },
                {
                  "status": "affected",
                  "version": "21.22.n13"
                },
                {
                  "status": "affected",
                  "version": "21.23.0"
                },
                {
                  "status": "affected",
                  "version": "21.23.1"
                },
                {
                  "status": "affected",
                  "version": "21.23.10"
                },
                {
                  "status": "affected",
                  "version": "21.23.11"
                },
                {
                  "status": "affected",
                  "version": "21.23.12"
                },
                {
                  "status": "affected",
                  "version": "21.23.13"
                },
                {
                  "status": "affected",
                  "version": "21.23.14"
                },
                {
                  "status": "affected",
                  "version": "21.23.15"
                },
                {
                  "status": "affected",
                  "version": "21.23.16"
                },
                {
                  "status": "affected",
                  "version": "21.23.17"
                },
                {
                  "status": "affected",
                  "version": "21.23.2"
                },
                {
                  "status": "affected",
                  "version": "21.23.3"
                },
                {
                  "status": "affected",
                  "version": "21.23.4"
                },
                {
                  "status": "affected",
                  "version": "21.23.5"
                },
                {
                  "status": "affected",
                  "version": "21.23.6"
                },
                {
                  "status": "affected",
                  "version": "21.23.7"
                },
                {
                  "status": "affected",
                  "version": "21.23.8"
                },
                {
                  "status": "affected",
                  "version": "21.23.9"
                },
                {
                  "status": "affected",
                  "version": "21.23.b2"
                },
                {
                  "status": "affected",
                  "version": "21.23.b3"
                },
                {
                  "status": "affected",
                  "version": "21.23.c16"
                },
                {
                  "status": "affected",
                  "version": "21.23.c17"
                },
                {
                  "status": "affected",
                  "version": "21.23.n6"
                },
                {
                  "status": "affected",
                  "version": "21.23.n7"
                },
                {
                  "status": "affected",
                  "version": "21.23.n9"
                },
                {
                  "status": "affected",
                  "version": "21.23.18"
                },
                {
                  "status": "affected",
                  "version": "21.23.19"
                },
                {
                  "status": "affected",
                  "version": "21.23.21"
                },
                {
                  "status": "affected",
                  "version": "21.23.22"
                },
                {
                  "status": "affected",
                  "version": "21.23.23"
                },
                {
                  "status": "affected",
                  "version": "21.23.24"
                },
                {
                  "status": "affected",
                  "version": "21.23.25"
                },
                {
                  "status": "affected",
                  "version": "21.23.26"
                },
                {
                  "status": "affected",
                  "version": "21.23.27"
                },
                {
                  "status": "affected",
                  "version": "21.23.29"
                },
                {
                  "status": "affected",
                  "version": "21.23.30"
                },
                {
                  "status": "affected",
                  "version": "21.23.c18"
                },
                {
                  "status": "affected",
                  "version": "21.23.n10"
                },
                {
                  "status": "affected",
                  "version": "21.23.n11"
                },
                {
                  "status": "affected",
                  "version": "21.23.n8"
                },
                {
                  "status": "affected",
                  "version": "21.23.yn14"
                },
                {
                  "status": "affected",
                  "version": "21.24.0"
                },
                {
                  "status": "affected",
                  "version": "21.24.1"
                },
                {
                  "status": "affected",
                  "version": "21.24.2"
                },
                {
                  "status": "affected",
                  "version": "21.24.3"
                },
                {
                  "status": "affected",
                  "version": "21.25.0"
                },
                {
                  "status": "affected",
                  "version": "21.25.3"
                },
                {
                  "status": "affected",
                  "version": "21.25.4"
                },
                {
                  "status": "affected",
                  "version": "21.25.5"
                },
                {
                  "status": "affected",
                  "version": "21.25.10"
                },
                {
                  "status": "affected",
                  "version": "21.25.11"
                },
                {
                  "status": "affected",
                  "version": "21.25.12"
                },
                {
                  "status": "affected",
                  "version": "21.25.13"
                },
                {
                  "status": "affected",
                  "version": "21.25.14"
                },
                {
                  "status": "affected",
                  "version": "21.25.6"
                },
                {
                  "status": "affected",
                  "version": "21.25.7"
                },
                {
                  "status": "affected",
                  "version": "21.25.8"
                },
                {
                  "status": "affected",
                  "version": "21.25.9"
                },
                {
                  "status": "affected",
                  "version": "21.26.0"
                },
                {
                  "status": "affected",
                  "version": "21.26.1"
                },
                {
                  "status": "affected",
                  "version": "21.26.10"
                },
                {
                  "status": "affected",
                  "version": "21.26.13"
                },
                {
                  "status": "affected",
                  "version": "21.26.14"
                },
                {
                  "status": "affected",
                  "version": "21.26.15"
                },
                {
                  "status": "affected",
                  "version": "21.26.3"
                },
                {
                  "status": "affected",
                  "version": "21.26.5"
                },
                {
                  "status": "affected",
                  "version": "21.26.6"
                },
                {
                  "status": "affected",
                  "version": "21.26.7"
                },
                {
                  "status": "affected",
                  "version": "21.26.17"
                },
                {
                  "status": "affected",
                  "version": "21.27.0"
                },
                {
                  "status": "affected",
                  "version": "21.27.1"
                },
                {
                  "status": "affected",
                  "version": "21.27.2"
                },
                {
                  "status": "affected",
                  "version": "21.27.3"
                },
                {
                  "status": "affected",
                  "version": "21.27.4"
                },
                {
                  "status": "affected",
                  "version": "21.27.5"
                },
                {
                  "status": "affected",
                  "version": "21.27.m0"
                },
                {
                  "status": "affected",
                  "version": "21.28.0"
                },
                {
                  "status": "affected",
                  "version": "21.28.1"
                },
                {
                  "status": "affected",
                  "version": "21.28.2"
                },
                {
                  "status": "affected",
                  "version": "21.28.m0"
                },
                {
                  "status": "affected",
                  "version": "21.28.m1"
                },
                {
                  "status": "affected",
                  "version": "21.28.m2"
                },
                {
                  "status": "affected",
                  "version": "21.28.m3"
                }
              ]
            },
            {
              "product": "Cisco Ultra Cloud Core - User Plane Function",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this vulnerability by sending a valid low-privileged SSH key to an affected device from a host that has an IP address that is configured as the source for a high-privileged user account. A successful exploit could allow the attacker to log in to the affected device through SSH as a high-privileged user.\r\n\r   There are workarounds that address this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-289",
                  "description": "Authentication Bypass by Alternate Name",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-25T16:57:38.039Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-ssh-privesc-BmWeJC3h"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-ssh-privesc-BmWeJC3h",
            "defects": [
              "CSCwd89468"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20046",
        "datePublished": "2023-05-09T13:06:10.748Z",
        "dateReserved": "2022-10-27T18:47:50.317Z",
        "dateUpdated": "2024-08-02T08:57:35.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-20051 (GCVE-0-2023-20051)

    Vulnerability from cvelistv5 – Published: 2023-04-05 00:00 – Updated: 2024-10-28 16:31
    VLAI
    Title
    Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability
    Summary
    A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS).
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2023-04-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:57:35.844Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20230405 Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-20051",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-28T16:24:30.430738Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-28T16:31:14.018Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2023-04-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Vector Packet Processor (VPP) of Cisco Packet Data Network Gateway (PGW) could allow an unauthenticated, remote attacker to stop ICMP traffic from being processed over an IPsec connection. This vulnerability is due to the VPP improperly handling a malformed packet. An attacker could exploit this vulnerability by sending a malformed Encapsulating Security Payload (ESP) packet over an IPsec connection. A successful exploit could allow the attacker to stop ICMP traffic over an IPsec connection and cause a denial of service (DoS)."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-04-05T00:00:00.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20230405 Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-pdng-dos-KmzwEy2Q"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cisco-pdng-dos-KmzwEy2Q",
            "defect": [
              [
                "CSCwb32089"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Packet Data Network Gateway IPsec ICMP Denial of Service Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2023-20051",
        "datePublished": "2023-04-05T00:00:00.000Z",
        "dateReserved": "2022-10-27T00:00:00.000Z",
        "dateUpdated": "2024-10-28T16:31:14.018Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-20665 (GCVE-0-2022-20665)

    Vulnerability from cvelistv5 – Published: 2022-04-06 18:13 – Updated: 2024-11-06 16:28
    VLAI
    Title
    Cisco StarOS Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2022-03-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T02:17:52.953Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20220303 Cisco StarOS Command Injection Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-20665",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-06T16:00:18.481701Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-06T16:28:29.506Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2022-03-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-06T18:13:40.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20220303 Cisco StarOS Command Injection Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-cmdinj-759mNT4n",
            "defect": [
              [
                "CSCvz22969"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Command Injection Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2022-03-03T00:00:00",
              "ID": "CVE-2022-20665",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Command Injection Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.0",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-77"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20220303 Cisco StarOS Command Injection Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-cmdinj-759mNT4n"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-cmdinj-759mNT4n",
              "defect": [
                [
                  "CSCvz22969"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2022-20665",
        "datePublished": "2022-04-06T18:13:41.066Z",
        "dateReserved": "2021-11-02T00:00:00.000Z",
        "dateUpdated": "2024-11-06T16:28:29.506Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1540 (GCVE-0-2021-1540)

    Vulnerability from cvelistv5 – Published: 2021-06-04 16:46 – Updated: 2024-11-07 22:09
    VLAI
    Title
    Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
    Summary
    Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-06-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.717Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1540",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:41:42.298517Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T22:09:20.180Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-06-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-04T16:46:02.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
            "defect": [
              [
                "CSCvu85001",
                "CSCvv33622"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-06-02T16:00:00",
              "ID": "CVE-2021-1540",
              "STATE": "PUBLIC",
              "TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.1",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
              "defect": [
                [
                  "CSCvu85001",
                  "CSCvv33622"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1540",
        "datePublished": "2021-06-04T16:46:02.739Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T22:09:20.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1539 (GCVE-0-2021-1539)

    Vulnerability from cvelistv5 – Published: 2021-06-04 16:45 – Updated: 2024-11-07 22:09
    VLAI
    Title
    Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities
    Summary
    Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-06-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.672Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1539",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-07T21:41:43.467282Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-07T22:09:26.621Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-06-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-04T16:45:58.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
            "defect": [
              [
                "CSCvu85001",
                "CSCvv33622"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-06-02T16:00:00",
              "ID": "CVE-2021-1539",
              "STATE": "PUBLIC",
              "TITLE": "Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.1",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-863"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210602 Cisco ASR 5000 Series Software Authorization Bypass Vulnerabilities",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-autho-bypass-mJDF5S7n",
              "defect": [
                [
                  "CSCvu85001",
                  "CSCvv33622"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1539",
        "datePublished": "2021-06-04T16:45:58.314Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-07T22:09:26.621Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1378 (GCVE-0-2021-1378)

    Vulnerability from cvelistv5 – Published: 2021-02-17 16:55 – Updated: 2024-11-08 23:41
    VLAI
    Title
    Cisco StarOS Denial of Service Vulnerability
    Summary
    A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-02-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:17.008Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210217 Cisco StarOS Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1378",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:04:08.237238Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-08T23:41:07.900Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-02-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-17T16:55:22.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210217 Cisco StarOS Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj"
            }
          ],
          "source": {
            "advisory": "cisco-sa-StarOS-DoS-RLLvGFJj",
            "defect": [
              [
                "CSCvu59686"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-02-17T16:00:00",
              "ID": "CVE-2021-1378",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.3",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-400"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210217 Cisco StarOS Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-StarOS-DoS-RLLvGFJj"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-StarOS-DoS-RLLvGFJj",
              "defect": [
                [
                  "CSCvu59686"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1378",
        "datePublished": "2021-02-17T16:55:22.801Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-08T23:41:07.900Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1353 (GCVE-0-2021-1353)

    Vulnerability from cvelistv5 – Published: 2021-01-20 20:00 – Updated: 2024-11-12 20:21
    VLAI
    Title
    Cisco StarOS IPv4 Denial of Service Vulnerability
    Summary
    A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-01-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:11:16.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:05:17.789835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T20:21:29.530Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-01-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-401",
                  "description": "CWE-401",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-20T20:00:46.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr-mem-leak-dos-MTWGHKk3",
            "defect": [
              [
                "CSCvq83868",
                "CSCvv69023"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS IPv4 Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-01-20T16:00:00",
              "ID": "CVE-2021-1353",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS IPv4 Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak that occurs during packet processing. An attacker could exploit this vulnerability by sending a series of crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to exhaust the available memory and cause an unexpected restart of the npusim process, leading to a DoS condition on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.8",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-401"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210120 Cisco StarOS IPv4 Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-mem-leak-dos-MTWGHKk3"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr-mem-leak-dos-MTWGHKk3",
              "defect": [
                [
                  "CSCvq83868",
                  "CSCvv69023"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1353",
        "datePublished": "2021-01-20T20:00:46.220Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-12T20:21:29.530Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-1145 (GCVE-0-2021-1145)

    Vulnerability from cvelistv5 – Published: 2021-01-13 21:45 – Updated: 2024-11-12 20:40
    VLAI
    Title
    Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability
    Summary
    A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2021-01-13 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T16:02:55.422Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-1145",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-08T20:53:11.748770Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-12T20:40:11.365Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2021-01-13T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-61",
                  "description": "CWE-61",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-13T21:45:36.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-file-read-L3RDvtey",
            "defect": [
              [
                "CSCvv34230"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2021-01-13T16:00:00",
              "ID": "CVE-2021-1145",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The vulnerability is due to insecure handling of symbolic links. An attacker could exploit this vulnerability by sending a crafted SFTP command to an affected device. A successful exploit could allow the attacker to read arbitrary files on the affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.5",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-61"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20210113 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-file-read-L3RDvtey"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-file-read-L3RDvtey",
              "defect": [
                [
                  "CSCvv34230"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2021-1145",
        "datePublished": "2021-01-13T21:45:36.440Z",
        "dateReserved": "2020-11-13T00:00:00.000Z",
        "dateUpdated": "2024-11-12T20:40:11.365Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3602 (GCVE-0-2020-3602)

    Vulnerability from cvelistv5 – Published: 2020-10-08 04:21 – Updated: 2024-11-13 17:51
    VLAI
    Title
    Cisco StarOS Privilege Escalation Vulnerability
    Summary
    A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.605Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3602",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:22:52.999652Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T17:51:28.096Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-08T04:21:09.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-privilege-esc-pyb7YTd",
            "defect": [
              [
                "CSCvv34222"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-10-07T16:00:00",
              "ID": "CVE-2020-3602",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user on the affected device. To exploit this vulnerability, an attacker would need to have valid credentials on an affected device and know the password for the cli test-commands command."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.3",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-privilege-esc-pyb7YTd"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-privilege-esc-pyb7YTd",
              "defect": [
                [
                  "CSCvv34222"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3602",
        "datePublished": "2020-10-08T04:21:09.915Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T17:51:28.096Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3601 (GCVE-0-2020-3601)

    Vulnerability from cvelistv5 – Published: 2020-10-08 04:21 – Updated: 2024-11-13 17:51
    VLAI
    Title
    Cisco StarOS Privilege Escalation Vulnerability
    Summary
    A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-10-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:55.677Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3601",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:22:54.399305Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T17:51:37.027Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-10-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-08T04:21:05.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-staros-priv-esc-gGCUMFxv",
            "defect": [
              [
                "CSCvv34214"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Privilege Escalation Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-10-07T16:00:00",
              "ID": "CVE-2020-3601",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Privilege Escalation Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "4.4",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20201007 Cisco StarOS Privilege Escalation Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-staros-priv-esc-gGCUMFxv"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-staros-priv-esc-gGCUMFxv",
              "defect": [
                [
                  "CSCvv34214"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3601",
        "datePublished": "2020-10-08T04:21:05.487Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T17:51:37.027Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3500 (GCVE-0-2020-3500)

    Vulnerability from cvelistv5 – Published: 2020-08-17 18:00 – Updated: 2024-11-13 18:16
    VLAI
    Title
    Cisco StarOS IPv6 Denial of Service Vulnerability
    Summary
    A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-08-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:37:54.212Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3500",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-13T17:24:57.726835Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-13T18:16:15.224Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-08-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "CWE-119",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-08-17T18:00:26.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-ipv6-dos-ce3zhF8m",
            "defect": [
              [
                "CSCvu23797"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS IPv6 Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-08-05T16:00:00",
              "ID": "CVE-2020-3500",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS IPv6 Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet to an affected device with the goal of reaching the vulnerable section of the input buffer. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. This vulnerability is specific to IPv6 traffic. IPv4 traffic is not affected."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.8",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-119"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200805 Cisco StarOS IPv6 Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ipv6-dos-ce3zhF8m"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-ipv6-dos-ce3zhF8m",
              "defect": [
                [
                  "CSCvu23797"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3500",
        "datePublished": "2020-08-17T18:00:26.607Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-13T18:16:15.224Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3244 (GCVE-0-2020-3244)

    Vulnerability from cvelistv5 – Published: 2020-06-18 02:21 – Updated: 2024-11-15 16:59
    VLAI
    Title
    Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability
    Summary
    A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Date Public
    2020-06-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:30:58.066Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3244",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:21:07.157305Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T16:59:30.320Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2020-06-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-06-18T02:21:23.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL"
            }
          ],
          "source": {
            "advisory": "cisco-sa-asr5k-ecs-bypass-2LqfPCL",
            "defect": [
              [
                "CSCvs83392"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-06-17T16:00:00",
              "ID": "CVE-2020-3244",
              "STATE": "PUBLIC",
              "TITLE": "Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of user traffic going through an affected device. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to bypass the traffic classification rules and potentially avoid being charged for traffic consumption."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.3",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200617 Cisco ASR 5000 Series Aggregation Services Routers Enhanced Charging Service Rule Bypass Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-ecs-bypass-2LqfPCL"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-asr5k-ecs-bypass-2LqfPCL",
              "defect": [
                [
                  "CSCvs83392"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3244",
        "datePublished": "2020-06-18T02:21:23.181Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-15T16:59:30.320Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-16026 (GCVE-0-2019-16026)

    Vulnerability from cvelistv5 – Published: 2020-01-26 04:45 – Updated: 2024-11-15 17:44
    VLAI
    Title
    Cisco Mobility Management Entity Denial of Service Vulnerability
    Summary
    A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: unspecified , < n/a (custom)
    Create a notification for this product.
    Date Public
    2020-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:03:32.668Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-16026",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:29:46.226838Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:44:37.291Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "n/a",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-26T04:45:20.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20200108-mme-dos",
            "defect": [
              [
                "CSCvs01456"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Mobility Management Entity Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-01-08T16:00:00-0800",
              "ID": "CVE-2019-16026",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Mobility Management Entity Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.8",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200108 Cisco Mobility Management Entity Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-mme-dos"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20200108-mme-dos",
              "defect": [
                [
                  "CSCvs01456"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-16026",
        "datePublished": "2020-01-26T04:45:20.821Z",
        "dateReserved": "2019-09-06T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:44:37.291Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-1869 (GCVE-0-2019-1869)

    Vulnerability from cvelistv5 – Published: 2019-06-20 02:55 – Updated: 2024-11-19 19:05
    VLAI
    Title
    Cisco StarOS Denial of Service Vulnerability
    Summary
    A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    http://www.securityfocus.com/bid/108853 vdb-entryx_refsource_BID
    Impacted products
    Vendor Product Version
    Cisco Cisco ASR 5000 Series Software Affected: unspecified , < 21.11.1 (custom)
    Create a notification for this product.
    Date Public
    2019-06-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:28:42.866Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20190619 Cisco StarOS Denial of Service Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos"
              },
              {
                "name": "108853",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/108853"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-1869",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-19T17:24:03.377833Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-19T19:05:58.503Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco ASR 5000 Series Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "21.11.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-06-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-824",
                  "description": "CWE-824",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-06-21T09:06:07.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20190619 Cisco StarOS Denial of Service Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos"
            },
            {
              "name": "108853",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/108853"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20190619-staros-asr-dos",
            "defect": [
              [
                "CSCvn06757"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco StarOS Denial of Service Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2019-06-19T16:00:00-0700",
              "ID": "CVE-2019-1869",
              "STATE": "PUBLIC",
              "TITLE": "Cisco StarOS Denial of Service Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco ASR 5000 Series Software",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "21.11.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "8.6",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-824"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20190619 Cisco StarOS Denial of Service Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos"
                },
                {
                  "name": "108853",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/108853"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20190619-staros-asr-dos",
              "defect": [
                [
                  "CSCvn06757"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-1869",
        "datePublished": "2019-06-20T02:55:15.750Z",
        "dateReserved": "2018-12-06T00:00:00.000Z",
        "dateUpdated": "2024-11-19T19:05:58.503Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }