CVE-2018-0117 - OpenCVE

Vendors	Products
Cisco	Asr 5000 Asr 5000 Firmware Asr 5500 Asr 5500 Firmware

Link	Providers
http://www.securityfocus.com/bid/102970
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi

{"containers": {"cna": {"affected": [{"product": "Cisco Virtualized Packet Core-Distributed Instance", "vendor": "n/a", "versions": [{"status": "affected", "version": "Cisco Virtualized Packet Core-Distributed Instance"}]}], "datePublic": "2018-02-08T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending malicious traffic to the internal distributed instance (DI) network address on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 through N5.5 with the Cisco StarOS operating system 19.2 through 21.3. Cisco Bug IDs: CSCve17656."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-02-10T10:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "102970", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102970"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2018-0117", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Virtualized Packet Core-Distributed Instance", "version": {"version_data": [{"version_value": "Cisco Virtualized Packet Core-Distributed Instance"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending malicious traffic to the internal distributed instance (DI) network address on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 through N5.5 with the Cisco StarOS operating system 19.2 through 21.3. Cisco Bug IDs: CSCve17656."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "102970", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102970"}, {"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:14:16.845Z"}, "title": "CVE Program Container", "references": [{"name": "102970", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/102970"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2018-0117", "datePublished": "2018-02-08T07:00:00", "dateReserved": "2017-11-27T00:00:00", "dateUpdated": "2024-08-05T03:14:16.845Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asr_5000_firmware:21.1.v0.66836:*:*:*:*:*:*:*", "matchCriteriaId": "D95B0B61-5D1B-4EA3-8CF3-AE210C58F4CF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asr_5000_firmware:21.1.v7:*:*:*:*:*:*:*", "matchCriteriaId": "AB918096-A5E7-47EF-81B9-2BB53A5B12D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asr_5000_firmware:21.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2EB5558A-DCE2-401C-846F-3BBD89B97195", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asr_5000_firmware:21.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4713FAB1-A450-4148-B3B0-2577DE96BA90", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*", "matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asr_5500_firmware:21.1.v0.66836:*:*:*:*:*:*:*", "matchCriteriaId": "2CBD9EB8-3056-42A9-8C99-75C13865FFDA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asr_5500_firmware:21.1.v7:*:*:*:*:*:*:*", "matchCriteriaId": "652C5ACB-F3AC-4654-84A5-FE78D6D8B897", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asr_5500_firmware:21.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "ECC59A15-FCB7-42A4-900F-1DBFA946CC8E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asr_5500_firmware:21.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7CAE3C4C-B854-4EB6-9D77-005437DBDD97", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*", "matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending malicious traffic to the internal distributed instance (DI) network address on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 through N5.5 with the Cisco StarOS operating system 19.2 through 21.3. Cisco Bug IDs: CSCve17656."}, {"lang": "es", "value": "Una vulnerabilidad en la funcionalidad de procesado de paquetes de entrada de Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software podr\u00eda permitir que un atacante remoto no autenticado provoque que ambas instancias de funci\u00f3n de control (CF) en un sistema afectado se reinicien, lo que desemboca en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a la manipulaci\u00f3n insuficiente de datos de parte del usuario por parte del software afectado. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico malicioso a la direcci\u00f3n de red de la instancia distribuida (DI) interna en un sistema afectado. Un exploit con \u00e9xito podr\u00eda permitir que el atacante provoque una condici\u00f3n de error en el sistema afectado, lo que podr\u00eda causar que las instancias CF se recarguen y hagan que el VPC entero se recargue, lo que desemboca en la desconexi\u00f3n de todos los suscriptores y una condici\u00f3n DoS en el sistema afectado. La vulnerabilidad afecta a Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 hasta N5.5 con el sistema operativo Cisco StarOS en versiones 19.2 hasta la 21.3. Cisco Bug IDs: CSCve17656."}], "id": "CVE-2018-0117", "lastModified": "2019-10-09T23:31:16.237", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-08T07:29:00.320", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102970"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object