CVE-2021-1539

Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:cisco:virtualized_packet_core:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:44

Type Values Removed Values Added
CVSS v2 : 6.5
v3 : 8.8
v2 : 6.5
v3 : 8.1
References () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n - Vendor Advisory () https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n - Vendor Advisory

Information

Published : 2021-06-04 17:15

Updated : 2024-11-21 05:44


NVD link : CVE-2021-1539

Mitre link : CVE-2021-1539

CVE.ORG link : CVE-2021-1539


JSON object : View

Products Affected

cisco

  • virtualized_packet_core
  • asr_5500
  • asr_5700
  • asr_5000
  • staros
CWE
CWE-863

Incorrect Authorization