Known Vulnerabilities for Staros by Cisco
Listed below are 10 of the newest known vulnerabilities associated with "Staros" by "Cisco".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-20046 | A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote att... | Not Provided | 2023-05-09 | 2023-05-09 |
| CVE-2022-20665 | A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected ... | 6.7 - MEDIUM | 2022-04-06 | 2022-04-14 |
| CVE-2021-1540 | Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated... | 7.2 - HIGH | 2021-06-04 | 2021-06-14 |
| CVE-2021-1539 | Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated... | 8.8 - HIGH | 2021-06-04 | 2021-06-14 |
| CVE-2021-1378 | A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to ca... | 7.5 - HIGH | 2021-02-17 | 2021-02-24 |
| CVE-2021-1353 | A vulnerability in the IPv4 protocol handling of Cisco StarOS could allow an unauthenticated, remote attacker to cause a deni... | 8.6 - HIGH | 2021-01-20 | 2021-02-03 |
| CVE-2021-1145 | A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remo... | 6.5 - MEDIUM | 2021-01-13 | 2021-01-20 |
| CVE-2020-3602 | A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, l... | 6.7 - MEDIUM | 2020-10-08 | 2020-10-16 |
| CVE-2020-3601 | A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, l... | 6.7 - MEDIUM | 2020-10-08 | 2020-10-16 |
| CVE-2020-3500 | A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial ... | 8.6 - HIGH | 2020-08-17 | 2020-08-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Cisco | Staros | 21.9.7 | All | All | All |
| Operating System | Cisco | Staros | 21.9.2 | All | All | All |
| Operating System | Cisco | Staros | 21.9.0 | All | All | All |
| Operating System | Cisco | Staros | 21.9 | All | All | All |
| Operating System | Cisco | Staros | 21.8.6 | All | All | All |
| Operating System | Cisco | Staros | 21.8.10 | All | All | All |
| Operating System | Cisco | Staros | 21.8.0 | All | All | All |
| Operating System | Cisco | Staros | 21.8 | All | All | All |
| Operating System | Cisco | Staros | 21.7.8 | All | All | All |
| Operating System | Cisco | Staros | 21.7.11 | All | All | All |
| Operating System | Cisco | Staros | 21.7.0 | All | All | All |
| Operating System | Cisco | Staros | 21.7 | All | All | All |
| Operating System | Cisco | Staros | 21.6b.16 | All | All | All |
| Operating System | Cisco | Staros | 21.6b.13 | All | All | All |
| Operating System | Cisco | Staros | 21.6b | All | All | All |
| Operating System | Cisco | Staros | 21.6.4 | All | All | All |
| Operating System | Cisco | Staros | 21.6.13 | All | All | All |
| Operating System | Cisco | Staros | 21.6.12 | All | All | All |
| Operating System | Cisco | Staros | 21.6.0 | All | All | All |
| Operating System | Cisco | Staros | 21.6 | All | All | All |
Popular searches for Staros
Cisco Security Advisory: Cisco StarOS Interface Forwarding Denial of Service Vulnerability
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-starosCisco Security Advisory: Cisco StarOS Interface Forwarding Denial of Service Vulnerability I G EA vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router ASR 5700 Series devices and Virtualized Packet Core VPC System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. The device may need to be manually reloaded to clear the condition. The vulnerability is due to the failure to properly check that the length of a packet to transmit does not exceed the maximum supported length of the network interface card NIC . An attacker could exploit this vulnerability by sending a crafted IP packet or a series of crafted IP fragments through an interface on the targeted device. A successful exploit could allow the attacker to cause the network interface to cease forwarding packets. This vulnerability could be triggered by either IPv4 or IPv6 network traffic. Cisco T R P has released software updates that address this vulnerability. There are no wor
Cisco Systems Vulnerability (computing) Network packet Packet forwarding Network interface controller Exploit (computer security) Denial-of-service attack Computer hardware Speech recognition Interface (computing) Windows Virtual PC Security hacker Computer security Internet Protocol Router (computing) Operating system Input/output Windows Metafile vulnerability Packet processing Patch (computing)Cisco Security Advisory: Cisco StarOS IPv4 Fragmentation Denial of Service Vulnerability
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-staros-dosCisco Security Advisory: Cisco StarOS IPv4 Fragmentation Denial of Service Vulnerability K I GA vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service DoS condition. There are four instances of the npusim process running per Service Function SF instance, each handling a subset of all traffic flowing across the device. It is possible to trigger a reload of all four instances of the npusim process around the same time. The vulnerability is due to improper handling of fragmented IPv4 packets containing options. An attacker could exploit this vulnerability by sending a malicious IPv4 packet across an affected device. An exploit could allow the attacker to trigger a restart of the npusim process, which will result in all traffic queued toward this instance of the npusim process to be dropped while the process is restarting. The npusim process typically restarts within less than a second. Cisco has rele
Cisco Systems Vulnerability (computing) Process (computing) IPv4 Denial-of-service attack Network packet Exploit (computer security) Security hacker Computer security Fragmentation (computing) Windows Metafile vulnerability Instance (computer science) Virtual machine Malware Patch (computing) Event-driven programming Software Computer hardware Subset File system fragmentation