ID

VAR-201804-1017


CVE

CVE-2018-0239


TITLE

Cisco StarOS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004347

DESCRIPTION

A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. The device may need to be manually reloaded to clear this Interface Forwarding Denial of Service condition.

The vulnerability is due to the failure to properly check that the length of a packet to transmit does not exceed the maximum supported length of the network interface card (NIC). An attacker could exploit this vulnerability by sending a crafted IP packet or a series of crafted IP fragments through an interface on the targeted device. A successful exploit could allow the attacker to cause the network interface to cease forwarding packets. This vulnerability could be triggered by either IPv4 or IPv6 network traffic.

This vulnerability affects the following Cisco products when they are running the StarOS operating system and a virtual interface card is installed on the device: Aggregation Services Router (ASR) 5700 Series, Virtualized Packet Core-Distributed Instance (VPC-DI) System Software, Virtualized Packet Core-Single Instance (VPC-SI) System Software. Cisco Bug IDs: CSCvf32385.

Cisco StarOS contains an input validation vulnerability. The vendor has released this vulnerability as Bug ID CSCvf32385. A denial-of-service (DoS) condition may result.

The Cisco Aggregation Services Router (ASR) 5000 Series Routers are a 5000 series of secure router devices. Virtualized Packet Core (VPC) System Software is a commercial version of the StarOS software deployed on a dedicated hardware platform. StarOS is the operating system used in these products.

Trust: 2.52

sources: NVD: CVE-2018-0239 // JVNDB: JVNDB-2018-004347 // CNVD: CNVD-2018-09782 // BID: 103923 // VULHUB: VHN-118441

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-09782

AFFECTED PRODUCTS

vendor: cisco, model: staros, scope: eq, version: 21.1.v6

Trust: 1.6

vendor: cisco, model: staros, scope: eq, version: 21.0.v4

Trust: 1.6

vendor: cisco, model: staros, scope: eq, version: 21.4.0

Trust: 1.6

vendor: cisco, model: staros, scope: eq, version: 21.0.v0.65819

Trust: 1.6

vendor: cisco, model: staros, scope: eq, version: 21.3.1

Trust: 1.6

vendor: cisco, model: staros, scope: -, version: -

Trust: 0.8

vendor: cisco, model: aggregation services router series, scope: eq, version: 5700

Trust: 0.6

vendor: cisco, model: virtualized packet core-distributed instance system software, scope: -, version: -

Trust: 0.6

vendor: cisco, model: virtualized packet core-single instance system software, scope: -, version: -

Trust: 0.6

vendor: cisco, model: staros, scope: eq, version: 0

Trust: 0.3

vendor: cisco, model: asr series, scope: eq, version: 500021.4

Trust: 0.3

vendor: cisco, model: asr series, scope: eq, version: 500021.3.1

Trust: 0.3

vendor: cisco, model: asr series, scope: eq, version: 500021.1.v6

Trust: 0.3

vendor: cisco, model: asr series, scope: eq, version: 500021.0.v4

Trust: 0.3

vendor: cisco, model: asr series, scope: eq, version: 500021.0.v0.65819

Trust: 0.3

sources: CNVD: CNVD-2018-09782 // BID: 103923 // JVNDB: JVNDB-2018-004347 // CNNVD: CNNVD-201804-1103 // NVD: CVE-2018-0239

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0239
value: HIGH

Trust: 1.0

NVD: CVE-2018-0239
value: HIGH

Trust: 0.8

CNVD: CNVD-2018-09782
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201804-1103
value: HIGH

Trust: 0.6

VULHUB: VHN-118441
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0239
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-09782
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118441
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0239
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2018-0239
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-09782 // VULHUB: VHN-118441 // JVNDB: JVNDB-2018-004347 // CNNVD: CNNVD-201804-1103 // NVD: CVE-2018-0239

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

problemtype:CWE-770

Trust: 1.1

sources: VULHUB: VHN-118441 // JVNDB: JVNDB-2018-004347 // NVD: CVE-2018-0239

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-1103

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201804-1103

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004347

PATCH

title: cisco-sa-20180418-staros, url: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-staros

Trust: 0.8

title: Cisco ASR5700 Series Routers Enter Patches for Validation Vulnerabilities, url: https://www.cnvd.org.cn/patchInfo/show/129537

Trust: 0.6

sources: CNVD: CNVD-2018-09782 // JVNDB: JVNDB-2018-004347

EXTERNAL IDS

db: NVD, id: CVE-2018-0239

Trust: 3.4

db: BID, id: 103923

Trust: 2.6

db: SECTRACK, id: 1040720

Trust: 1.7

db: JVNDB, id: JVNDB-2018-004347

Trust: 0.8

db: CNVD, id: CNVD-2018-09782

Trust: 0.6

db: CNNVD, id: CNNVD-201804-1103

Trust: 0.6

db: VULHUB, id: VHN-118441

Trust: 0.1

sources: CNVD: CNVD-2018-09782 // VULHUB: VHN-118441 // BID: 103923 // JVNDB: JVNDB-2018-004347 // CNNVD: CNNVD-201804-1103 // NVD: CVE-2018-0239

REFERENCES

url:http://www.securityfocus.com/bid/103923

Trust: 2.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180418-staros

Trust: 2.0

url:http://www.securitytracker.com/id/1040720

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0239

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0239

Trust: 0.8

url:http://www.cisco.com/

Trust: 0.3

sources: CNVD: CNVD-2018-09782 // VULHUB: VHN-118441 // BID: 103923 // JVNDB: JVNDB-2018-004347 // CNNVD: CNNVD-201804-1103 // NVD: CVE-2018-0239

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 103923

SOURCES

db: CNVD, id: CNVD-2018-09782
db: VULHUB, id: VHN-118441
db: BID, id: 103923
db: JVNDB, id: JVNDB-2018-004347
db: CNNVD, id: CNNVD-201804-1103
db: NVD, id: CVE-2018-0239

LAST UPDATE DATE

2024-11-23T22:00:36.284000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2018-09782, date: 2018-05-18T00:00:00
db: VULHUB, id: VHN-118441, date: 2020-09-04T00:00:00
db: BID, id: 103923, date: 2018-04-18T00:00:00
db: JVNDB, id: JVNDB-2018-004347, date: 2018-06-18T00:00:00
db: CNNVD, id: CNNVD-201804-1103, date: 2020-09-07T00:00:00
db: NVD, id: CVE-2018-0239, date: 2024-11-21T03:37:47.690

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2018-09782, date: 2018-05-18T00:00:00
db: VULHUB, id: VHN-118441, date: 2018-04-19T00:00:00
db: BID, id: 103923, date: 2018-04-18T00:00:00
db: JVNDB, id: JVNDB-2018-004347, date: 2018-06-18T00:00:00
db: CNNVD, id: CNNVD-201804-1103, date: 2018-04-19T00:00:00
db: NVD, id: CVE-2018-0239, date: 2018-04-19T20:29:00.770