CVE-2018-0239

CWE-20Improper Input ValidationCWE-770Allocation without Limits4 documents4 sources
Severity
7.5HIGH
EPSS
2.7%
top 14.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Staros
Timeline
PublishedApr 19
Latest updateMay 13

Description

A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. The device may need to be manually reloaded to clear this Interface Forwarding Denial of Service condition. The vulnerability is due to the failure to properly check that the

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5cisco_starosCisco StarOS
NVDcisco/staros5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-fr97-4833-96q9: A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Se2022-05-13
CVEList
CVE-2018-0239: A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Se2018-04-19

📋Vendor Advisories

1
Cisco
Cisco StarOS Interface Forwarding Denial of Service Vulnerability2018-04-18
CVE-2018-0239 (HIGH CVSS 7.5) | A vulnerability in the egress packe | cvebase.io