Payment Bypass Vulnerability in Cisco ASR 5000 Series Devices
CVE-2014-0669

Currently unrated

Key Information:

Vendor: Cisco
Status: Asr 5000 Series Software
Vendor: CVE Published:; 22 January 2014

Summary

The Gateway GPRS Support Node (GGSN) in Cisco ASR 5000 series devices is susceptible to a vulnerability that allows remote attackers to bypass payment restrictions. This is achievable through the exploitation of certain Wireless Session Protocol (WSP) packets. Attackers may leverage this flaw to manipulate payment processing, potentially leading to unauthorized service access. It is crucial for users of affected products to implement recommended security measures to mitigate the associated risks.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/90614

vdb-entryx_refsource_XF

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jan 22, 2014
Vulnerability Reserved
Jan 2, 2014