Sign-up

ID

VAR-201807-0419


CVE

CVE-2018-0369


TITLE

Cisco StarOS Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-008203

DESCRIPTION

A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances of the npusim process running per Service Function (SF) instance, each handling a subset of all traffic flowing across the device. It is possible to trigger a reload of all four instances of the npusim process around the same time. The vulnerability is due to improper handling of fragmented IPv4 packets containing options. An attacker could exploit this vulnerability by sending a malicious IPv4 packet across an affected device. An exploit could allow the attacker to trigger a restart of the npusim process, which will result in all traffic queued toward this instance of the npusim process to be dropped while the process is restarting. The npusim process typically restarts within less than a second. This vulnerability affects: Cisco Virtualized Packet Core-Single Instance (VPC-SI), Cisco Virtualized Packet Core-Distributed Instance (VPC-DI), Cisco Ultra Packet Core (UPC). Cisco Bug IDs: CSCvh29613. Cisco StarOS Contains an input validation vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvh29613 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. Cisco StarOS for ASR 5000 Series Routers is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. production version. Cisco StarOS is one of the virtualized operating systems

Trust: 1.98

sources: NVD: CVE-2018-0369 // JVNDB: JVNDB-2018-008203 // BID: 104723 // VULHUB: VHN-118571

AFFECTED PRODUCTS

vendor:ciscomodel:starosscope:ltversion:21.3.15

Trust: 1.0

vendor:ciscomodel:starosscope:gteversion:21.3

Trust: 1.0

vendor:ciscomodel:starosscope:ltversion:21.6.4

Trust: 1.0

vendor:ciscomodel:starosscope:gteversion:21.4

Trust: 1.0

vendor:ciscomodel:starosscope:ltversion:21.5.7

Trust: 1.0

vendor:ciscomodel:starosscope:gteversion:21.6

Trust: 1.0

vendor:ciscomodel:starosscope: - version: -

Trust: 0.8

vendor:ciscomodel:starosscope:eqversion:21.6

Trust: 0.3

vendor:ciscomodel:starosscope:eqversion:21.5

Trust: 0.3

vendor:ciscomodel:starosscope:eqversion:21.4

Trust: 0.3

vendor:ciscomodel:starosscope:eqversion:21.3

Trust: 0.3

vendor:ciscomodel:starosscope:eqversion:21.1

Trust: 0.3

vendor:ciscomodel:starosscope:eqversion:21.0

Trust: 0.3

vendor:ciscomodel:starosscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:asr seriesscope:eqversion:50000

Trust: 0.3

vendor:ciscomodel:starosscope:neversion:21.6.4

Trust: 0.3

vendor:ciscomodel:starosscope:neversion:21.5.7

Trust: 0.3

sources: BID: 104723 // JVNDB: JVNDB-2018-008203 // NVD: CVE-2018-0369

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0369
value: HIGH

Trust: 1.0

NVD: CVE-2018-0369
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201807-1219
value: HIGH

Trust: 0.6

VULHUB: VHN-118571
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-0369
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-118571
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0369
baseSeverity: HIGH
baseScore: 8.6
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 4.0
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-118571 // JVNDB: JVNDB-2018-008203 // CNNVD: CNNVD-201807-1219 // NVD: CVE-2018-0369

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-118571 // JVNDB: JVNDB-2018-008203 // NVD: CVE-2018-0369

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201807-1219

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201807-1219

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-008203

PATCH
title:cisco-sa-20180711-staros-dosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180711-staros-dos
Trust: 0.8
title:Multiple Cisco product Cisco StarOS Enter the fix for the verification vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=82163
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-008203 // 
            
            
            
            CNNVD: CNNVD-201807-1219

EXTERNAL IDS
db:NVDid:CVE-2018-0369
Trust: 2.8
db:BIDid:104723
Trust: 2.0
db:JVNDBid:JVNDB-2018-008203
Trust: 0.8
db:CNNVDid:CNNVD-201807-1219
Trust: 0.7
db:VULHUBid:VHN-118571
Trust: 0.1
sources:
            
            
            VULHUB: VHN-118571 // 
            
            
            
            BID: 104723 // 
            
            
            
            JVNDB: JVNDB-2018-008203 // 
            
            
            
            CNNVD: CNNVD-201807-1219 // 
            
            
            
            NVD: CVE-2018-0369

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180711-staros-dos
Trust: 2.0
url:http://www.securityfocus.com/bid/104723
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0369
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0369
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-118571 // 
            
            
            
            BID: 104723 // 
            
            
            
            JVNDB: JVNDB-2018-008203 // 
            
            
            
            CNNVD: CNNVD-201807-1219 // 
            
            
            
            NVD: CVE-2018-0369

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 104723

SOURCES
db:VULHUBid:VHN-118571
db:BIDid:104723
db:JVNDBid:JVNDB-2018-008203
db:CNNVDid:CNNVD-201807-1219
db:NVDid:CVE-2018-0369

LAST UPDATE DATE
2024-11-23T22:45:17.225000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-118571date:2019-10-09T00:00:00
db:BIDid:104723date:2018-07-11T00:00:00
db:JVNDBid:JVNDB-2018-008203date:2018-10-11T00:00:00
db:CNNVDid:CNNVD-201807-1219date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0369date:2024-11-21T03:38:04.933

SOURCES RELEASE DATE
db:VULHUBid:VHN-118571date:2018-07-16T00:00:00
db:BIDid:104723date:2018-07-11T00:00:00
db:JVNDBid:JVNDB-2018-008203date:2018-10-11T00:00:00
db:CNNVDid:CNNVD-201807-1219date:2018-07-17T00:00:00
db:NVDid:CVE-2018-0369date:2018-07-16T17:29:00.487