CVE-2021-1540
published 2021-06-04CVE-2021-1540: Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | asr_5000_series | — | — |
| cisco | cisco_asr_5000_series_software | — | — |
| cisco | staros | < 21.16.9 | 21.16.9 |
| cisco | staros | >= 21.17.0 < 21.17.10 | 21.17.10 |
| cisco | staros | >= 21.18.0 < 21.18.16 | 21.18.16 |
| cisco | staros | >= 21.19.0 < 21.19.11 | 21.19.11 |
| cisco | staros | >= 21.19.n < 21.19.n7 | 21.19.n7 |
| cisco | staros | >= 21.20.0 < 21.20.8 | 21.20.8 |