CVE-2019-1869
Published Jun 20, 2019
Last updated 5 years ago
Overview
- Description
- A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28E9D517-E4F2-4388-9F21-E7727232C311",
"versionEndExcluding": "21.6.13",
"versionStartIncluding": "21.6"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF01C0A0-C91E-4F09-8437-801A2BB73348",
"versionEndExcluding": "21.6b.16",
"versionStartIncluding": "21.6b"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82DB936C-3B12-4FFD-A35A-41DE0F6C7A8E",
"versionEndExcluding": "21.7.11",
"versionStartIncluding": "21.7"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D588902-31C0-4463-A7BE-66F91D3B6636",
"versionEndExcluding": "21.8.10",
"versionStartIncluding": "21.8"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D587C95-7D71-46A0-A8D4-459B601A007F",
"versionEndExcluding": "21.9.7",
"versionStartIncluding": "21.9"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F88DA14-4174-413D-822F-1FFD5C33F8CF",
"versionEndExcluding": "21.10.2",
"versionStartIncluding": "21.10"
},
{
"criteria": "cpe:2.3:o:cisco:staros:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2BDDE9A1-2EA7-4EFB-BA39-0DB5C036B995",
"versionEndExcluding": "21.11.1",
"versionStartIncluding": "21.11"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_5000:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "746254AC-B039-432C-AA5C-A82260E57AD7"
},
{
"criteria": "cpe:2.3:h:cisco:asr_5500:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "301681DF-2A9E-4A91-9918-4A46153ADC01"
},
{
"criteria": "cpe:2.3:h:cisco:asr_5700:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A9EF0299-16A7-446D-855D-BFF91EE65534"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]