HIGH✓ PATCH🇬🇧 English

CVE-2021-1539

CVSS 8.1v3.1pub. 2021-06-04upd. 2024-11-21

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • Cisco Asr 5000

    HW
    Cisco
    wszystkie wersje
  • Cisco Asr 5500

    HW
    Cisco
    wszystkie wersje
  • Cisco Asr 5700

    HW
    Cisco
    wszystkie wersje
  • Cisco Staros

    OS
    Cisco
    21.19.0 – 21.19.11 (bez)21.19.n – 21.19.n7 (bez)21.20.0 – 21.20.8 (bez)< 21.16.921.17.0 – 21.17.10 (bez)21.18.0 – 21.18.16 (bez)
  • Cisco Virtualized Packet Core

    APP
    Cisco
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)

CVE-2023-20046HIGH8.8ten sam produkt

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authentica...

CVE-2022-20919HIGH8.6ten sam produkt

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco...

CVE-2021-1540HIGH8.1ten sam produkt

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow a...

CVE-2019-1869HIGH8.6ten sam produkt

A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running o...