CVE-2019-1869

A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/108853	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:staros::::::::
	cpe:2.3:o:cisco:staros::::::::
	cpe:2.3:o:cisco:staros::::::::
	cpe:2.3:o:cisco:staros::::::::
	cpe:2.3:o:cisco:staros::::::::
	cpe:2.3:o:cisco:staros::::::::
	cpe:2.3:o:cisco:staros::::::::

OR	cpe:2.3:h:cisco:asr_5000:-:::::::*
	cpe:2.3:h:cisco:asr_5500:-:::::::*
	cpe:2.3:h:cisco:asr_5700:-:::::::*

History

No history.

Information

Published : 2019-06-20 03:15

Updated : 2024-02-04 20:20

NVD link : CVE-2019-1869

Mitre link : CVE-2019-1869

CVE.ORG link : CVE-2019-1869

JSON object : View

Products Affected

cisco

asr_5700
asr_5000
asr_5500
staros

CWE

CWE-824

Access of Uninitialized Pointer

{"id": "CVE-2019-1869", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "ykramarz@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2019-06-20T03:15:11.993", "references": [{"url": "http://www.securityfocus.com/bid/108853", "tags": ["Third Party Advisory", "VDB Entry"], "source": "ykramarz@cisco.com"}, {"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-staros-asr-dos", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-824"}]}, {"type": "Secondary", "source": "ykramarz@cisco.com", "description": [{"lang": "en", "value": "CWE-824"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad internal packet-processing del sistema operativo StarOS de Cisco que se ejecuta en plataformas virtuales podr\u00eda permitir a un atacante remoto no autenticado hacer que un dispositivo afectado detenga el procesamiento del tr\u00e1fico, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Una vulnerabilidad es debido a un error l\u00f3gico que puede ocurrir en condiciones de tr\u00e1fico espec\u00edficas. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una serie de paquetes creados a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante impida que la interfaz de servicio destino reciba alg\u00fan tr\u00e1fico, lo que conllevar\u00eda a una condici\u00f3n DoS en la interfaz afectada. Es posible que el dispositivo tenga que volver a cargarse manualmente para recuperarse de la explotaci\u00f3n de esta vulnerabilidad."}], "lastModified": "2019-10-09T23:48:23.503", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28E9D517-E4F2-4388-9F21-E7727232C311", "versionEndExcluding": "21.6.13", "versionStartIncluding": "21.6"}, {"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF01C0A0-C91E-4F09-8437-801A2BB73348", "versionEndExcluding": "21.6b.16", "versionStartIncluding": "21.6b"}, {"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82DB936C-3B12-4FFD-A35A-41DE0F6C7A8E", "versionEndExcluding": "21.7.11", "versionStartIncluding": "21.7"}, {"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D588902-31C0-4463-A7BE-66F91D3B6636", "versionEndExcluding": "21.8.10", "versionStartIncluding": "21.8"}, {"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D587C95-7D71-46A0-A8D4-459B601A007F", "versionEndExcluding": "21.9.7", "versionStartIncluding": "21.9"}, {"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F88DA14-4174-413D-822F-1FFD5C33F8CF", "versionEndExcluding": "21.10.2", "versionStartIncluding": "21.10"}, {"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BDDE9A1-2EA7-4EFB-BA39-0DB5C036B995", "versionEndExcluding": "21.11.1", "versionStartIncluding": "21.11"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7"}, {"criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01"}, {"criteria": "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A9EF0299-16A7-446D-855D-BFF91EE65534"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}