CVE-2018-0122
Severity
4.4MEDIUM
EPSS
0.1%
top 68.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedFeb 8
Latest updateMay 13
Description
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating s…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:NExploitability: 0.8 | Impact: 3.6
Affected Packages2 packages
▶CVEListV5cisco_staros_for_cisco_asr_5000_series_aggregation_services_routersCisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers
🔴Vulnerability Details
2GHSA▶
GHSA-vrq7-hq3r-99cx: A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, l↗2022-05-13
CVEList▶
CVE-2018-0122: A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, l↗2018-02-08
📋Vendor Advisories
1Cisco▶
Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers File Overwrite Vulnerability↗2018-02-08