CVE-2018-0239
| Summary |
A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. The device may need to be manually reloaded to clear this Interface Forwarding Denial of Service condition. The vulnerability is due to the failure to properly check that the length of a packet to transmit does not exceed the maximum supported length of the network interface card (NIC). An attacker could exploit this vulnerability by sending a crafted IP packet or a series of crafted IP fragments through an interface on the targeted device. A successful exploit could allow the attacker to cause the network interface to cease forwarding packets. This vulnerability could be triggered by either IPv4 or IPv6 network traffic. This vulnerability affects the following Cisco products when they are running the StarOS operating system and a virtual interface card is installed on the device: Aggregation Services Router (ASR) 5700 Series, Virtualized Packet Core-Distributed Instance (VPC-DI) System Software, Virtualized Packet Core-Single Instance (VPC-SI) System Software. Cisco Bug IDs: CSCvf32385.
|
| Publication Date |
April 20, 2018, 5:29 a.m. |
| Registration Date |
March 1, 2021, 6:36 p.m. |
| Last Update |
Nov. 21, 2024, 12:37 p.m. |
|
CVSS3.1 : HIGH
|
| スコア |
7.5
|
| Vector |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 攻撃元区分(AV) |
ネットワーク |
| 攻撃条件の複雑さ(AC) |
低 |
| 攻撃に必要な特権レベル(PR) |
不要 |
| 利用者の関与(UI) |
不要 |
| 影響の想定範囲(S) |
変更なし |
| 機密性への影響(C) |
なし |
| 完全性への影響(I) |
なし |
| 可用性への影響(A) |
高 |
|
CVSS2.0 : MEDIUM
|
| Score |
5.0
|
| Vector |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
| 攻撃元区分(AV) |
ネットワーク |
| 攻撃条件の複雑さ(AC) |
低 |
| 攻撃前の認証要否(Au) |
不要 |
| 機密性への影響(C) |
なし |
| 完全性への影響(I) |
なし |
| 可用性への影響(A) |
低 |
| Get all privileges. |
いいえ
|
| Get user privileges |
いいえ
|
| Get other privileges |
いいえ
|
| User operation required |
いいえ
|
Affected software configurations
| Configuration1 |
or higher |
or less |
more than |
less than |
| cpe:2.3:o:cisco:staros:21.0.v0.65819:*:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:cisco:staros:21.0.v4:*:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:cisco:staros:21.1.v6:*:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:cisco:staros:21.3.1:*:*:*:*:*:*:* |
|
|
|
|
| cpe:2.3:o:cisco:staros:21.4.0:*:*:*:*:*:*:* |
|
|
|
|
| execution environment |
| 1 |
cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:* |
Related information, measures and tools
Common Vulnerabilities List
JVN Vulnerability Information
Cisco StarOS における入力確認に関する脆弱性
| Title |
Cisco StarOS における入力確認に関する脆弱性
|
| Summary |
Cisco StarOS には、入力確認に関する脆弱性が存在します。 ベンダは、本脆弱性を Bug ID CSCvf32385 として公開しています。
|
| Possible impacts |
サービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution |
ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date |
April 18, 2018, midnight |
| Registration Date |
June 18, 2018, 5:44 p.m. |
| Last Update |
June 18, 2018, 5:44 p.m. |
Affected System
CVE (情報セキュリティ 共通脆弱性識別子)
CWE (共通脆弱性タイプ一覧)
ベンダー情報
Change Log
| No |
Changed Details |
Date of change |
| 1 |
[2018年06月18日]
掲載 |
June 18, 2018, 5:44 p.m. |