What is CVE-2017-3819?

CVE-2017-3819 is a high-severity vulnerability in Cisco Asr_5000_series_software, classified under CWE-264. CVSS score: 8.8/10. Published 2017-03-15.

How severe is CVE-2017-3819?

High severity. CVSS v3 base score is 8.8 out of 10.

Auth bypass in Cisco Asr_5000_series_software

CVE-2017-3819

A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, re…

EPSS: 0.006 (70.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Asr_5000_series_software — versions 18.0.0, 18.0.0.57828, 18.0.0.59167
Cisco Virtualized_packet_core — versions v18.0_base, v19.0_base, v20.0_base
N/a Cisco Staros — versions Cisco StarOS

Weakness classification (CWE)

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@cisco.com (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2017-3819?: CVE-2017-3819 is a high-severity vulnerability in Cisco Asr_5000_series_software, classified under CWE-264. CVSS score: 8.8/10. Published 2017-03-15.
How severe is CVE-2017-3819?: High severity. CVSS v3 base score is 8.8 out of 10.