Cisco Virtualized Packet Core vulnerabilities

CVE-2017-6678 [HIGH] CWE-399 CVE-2017-6678: A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core- A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is

CVE-2017-3819 [HIGH] CWE-264 CVE-2017-3819: A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating sys A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of param

CVE-2016-6466 [HIGH] CWE-399 CVE-2016-6466: A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an un A vulnerability in the IPsec component of StarOS for Cisco ASR 5000 Series routers could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from establishing, resulting in a denial of service (DoS) condition. This vulnerability affects the following Cisco products: Cisco ASR 5000/5500 Series route