First published: Wed Jun 02 2021
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr5k-autho-bypass-mJDF5S7n
Credit: These vulnerabilities were found during the resolution of a Cisco TAC support case.
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco StarOS | =21.20 <21.20.8 | 21.20.8 |
Cisco StarOS | =21.19.n <21.19.n7 | 21.19.n7 |
Cisco StarOS | =21.19 <26.19.11 | 26.19.11 |
Cisco StarOS | =21.18 <21.18.16 | 21.18.16 |
Cisco StarOS | =21.17 <21.17.10 | 21.17.10 |
Cisco StarOS | =21.16 <21.16.9 | 21.16.9 |
Cisco StarOS | >=.16<21<Migrate to 21.16.9 | Migrate to 21.16.9 |
An attacker needs to be authenticated and remote in order to exploit the Cisco ASR 5000 Series Software Authorization Bypass vulnerabilities.
The severity level of the Cisco ASR 5000 Series Software Authorization Bypass vulnerabilities is high (8.1).
The affected versions of Cisco StarOS include 21.20, up to 21.20.8, 21.19, up to 21.19.n7, 21.18, up to 21.18.16, 21.17, up to 21.17.10, and 21.16, up to 21.16.9.
To mitigate the Cisco ASR 5000 Series Software Authorization Bypass vulnerabilities, it is recommended to migrate to version 21.16.9 or later.