Details of VAR-201804-1019

ID

VAR-201804-1019

CVE

CVE-2018-0273

TITLE

Cisco StarOS Resource management vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-004264

DESCRIPTION

A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of corrupted Internet Key Exchange Version 2 (IKEv2) messages. An attacker could exploit this vulnerability by sending crafted IKEv2 messages toward an affected router. A successful exploit could allow the attacker to cause the ipsecmgr service to reload. A reload of this service could cause all IPsec VPN tunnels to be terminated and prevent new tunnels from being established until the service has restarted, resulting in a DoS condition. This vulnerability affects the following Cisco products when they are running Cisco StarOS: Cisco Aggregation Services Router (ASR) 5000 Series Routers, Virtualized Packet Core (VPC) System Software. Cisco Bug IDs: CSCve29605. Cisco StarOS Contains a resource management vulnerability. Vendors have confirmed this vulnerability Bug ID CSCve29605 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. VirtualizedPacketCore (VPC) SystemSoftware is a commercial version of the StarOS software deployed on a dedicated hardware platform. StarOS is a set of operating systems used in it. IPsecManager is one of the IPsec managers

Trust: 2.52

sources: NVD: CVE-2018-0273 // JVNDB: JVNDB-2018-004264 // CNVD: CNVD-2018-09783 // BID: 103935 // VULHUB: VHN-118475

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-09783

AFFECTED PRODUCTS

vendor:	cisco	model:	staros	scope:	eq	version:	21.2.0	Trust: 1.6
vendor:	cisco	model:	staros	scope:	eq	version:	19.4.2.65120	Trust: 1.6
vendor:	cisco	model:	staros	scope:	eq	version:	21.4.0	Trust: 1.6
vendor:	cisco	model:	staros	scope:	eq	version:	19.6.0	Trust: 1.6
vendor:	cisco	model:	staros	scope:	eq	version:	21.2.6	Trust: 1.6
vendor:	cisco	model:	staros	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	vpc system software	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	asr series routers	scope:	eq	version:	5000	Trust: 0.6
vendor:	cisco	model:	virtualized packet core software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	staros	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr series aggregation services routers	scope:	eq	version:	50000	Trust: 0.3

sources: CNVD: CNVD-2018-09783 // BID: 103935 // JVNDB: JVNDB-2018-004264 // CNNVD: CNNVD-201804-1086 // NVD: CVE-2018-0273

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0273
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-0273
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2018-09783
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201804-1086
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-118475
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-0273
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-09783
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118475
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0273
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-09783 // VULHUB: VHN-118475 // JVNDB: JVNDB-2018-004264 // CNNVD: CNNVD-201804-1086 // NVD: CVE-2018-0273

PROBLEMTYPE DATA

problemtype:	CWE-399	Trust: 1.9
problemtype:	NVD-CWE-noinfo	Trust: 1.0

sources: VULHUB: VHN-118475 // JVNDB: JVNDB-2018-004264 // NVD: CVE-2018-0273

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201804-1086

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201804-1086

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004264

PATCH

title:	cisco-sa-20180418-starosasr	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-starosasr	Trust: 0.8
title:	Patch for Cisco ASR5000 Series Router Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/129535	Trust: 0.6
title:	Cisco Aggregation Services Router 5000 Series Routers and Virtualized Packet Core System Software StarOS IPsec Manager Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=81382	Trust: 0.6

sources: CNVD: CNVD-2018-09783 // JVNDB: JVNDB-2018-004264 // CNNVD: CNNVD-201804-1086

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0273	Trust: 3.4
db:	BID	id:	103935	Trust: 2.6
db:	SECTRACK	id:	1040721	Trust: 1.7
db:	JVNDB	id:	JVNDB-2018-004264	Trust: 0.8
db:	CNVD	id:	CNVD-2018-09783	Trust: 0.6
db:	CNNVD	id:	CNNVD-201804-1086	Trust: 0.6
db:	VULHUB	id:	VHN-118475	Trust: 0.1

sources: CNVD: CNVD-2018-09783 // VULHUB: VHN-118475 // BID: 103935 // JVNDB: JVNDB-2018-004264 // CNNVD: CNNVD-201804-1086 // NVD: CVE-2018-0273

REFERENCES

url:	http://www.securityfocus.com/bid/103935	Trust: 2.3
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180418-starosasr	Trust: 2.0
url:	http://www.securitytracker.com/id/1040721	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0273	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0273	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

sources: CNVD: CNVD-2018-09783 // VULHUB: VHN-118475 // BID: 103935 // JVNDB: JVNDB-2018-004264 // CNNVD: CNNVD-201804-1086 // NVD: CVE-2018-0273

CREDITS

Cisco

Trust: 0.3

sources: BID: 103935

SOURCES

db:	CNVD	id:	CNVD-2018-09783
db:	VULHUB	id:	VHN-118475
db:	BID	id:	103935
db:	JVNDB	id:	JVNDB-2018-004264
db:	CNNVD	id:	CNNVD-201804-1086
db:	NVD	id:	CVE-2018-0273

LAST UPDATE DATE

2024-11-23T22:55:54.335000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-09783	date:	2018-05-18T00:00:00
db:	VULHUB	id:	VHN-118475	date:	2019-10-09T00:00:00
db:	BID	id:	103935	date:	2018-04-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-004264	date:	2018-06-15T00:00:00
db:	CNNVD	id:	CNNVD-201804-1086	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0273	date:	2024-11-21T03:37:52.257

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-09783	date:	2018-05-18T00:00:00
db:	VULHUB	id:	VHN-118475	date:	2018-04-19T00:00:00
db:	BID	id:	103935	date:	2018-04-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-004264	date:	2018-06-15T00:00:00
db:	CNNVD	id:	CNNVD-201804-1086	date:	2018-04-19T00:00:00
db:	NVD	id:	CVE-2018-0273	date:	2018-04-19T20:29:01.707