CVE-2018-0117

Severity Score

8.6

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability in the ingress packet processing functionality of the Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient handling of user-supplied data by the affected software. An attacker could exploit this vulnerability by sending malicious traffic to the internal distributed instance (DI) network address on an affected system. A successful exploit could allow the attacker to cause an unhandled error condition on the affected system, which would cause the CF instances to reload and consequently cause the entire VPC to reload, resulting in the disconnection of all subscribers and a DoS condition on the affected system. This vulnerability affects Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 through N5.5 with the Cisco StarOS operating system 19.2 through 21.3. Cisco Bug IDs: CSCve17656.

Una vulnerabilidad en la funcionalidad de procesado de paquetes de entrada de Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software podría permitir que un atacante remoto no autenticado provoque que ambas instancias de función de control (CF) en un sistema afectado se reinicien, lo que desemboca en una condición de denegación de servicio (DoS). La vulnerabilidad se debe a la manipulación insuficiente de datos de parte del usuario por parte del software afectado. Un atacante podría explotar esta vulnerabilidad mediante el envío de tráfico malicioso a la dirección de red de la instancia distribuida (DI) interna en un sistema afectado. Un exploit con éxito podría permitir que el atacante provoque una condición de error en el sistema afectado, lo que podría causar que las instancias CF se recarguen y hagan que el VPC entero se recargue, lo que desemboca en la desconexión de todos los suscriptores y una condición DoS en el sistema afectado. La vulnerabilidad afecta a Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software N4.0 hasta N5.5 con el sistema operativo Cisco StarOS en versiones 19.2 hasta la 21.3. Cisco Bug IDs: CSCve17656.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-11-27 CVE Reserved
2018-02-08 CVE Published
2023-12-19 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (2)

URL	Tag	Source
http://www.securityfocus.com/bid/102970	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-vpcdi	2019-10-09

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"	Asr 5000 Firmware Search vendor "Cisco" for product "Asr 5000 Firmware"	21.1.v0.66836 Search vendor "Cisco" for product "Asr 5000 Firmware" and version "21.1.v0.66836"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5000 Search vendor "Cisco" for product "Asr 5000"	-	-	Safe
Cisco Search vendor "Cisco"	Asr 5000 Firmware Search vendor "Cisco" for product "Asr 5000 Firmware"	21.1.v7 Search vendor "Cisco" for product "Asr 5000 Firmware" and version "21.1.v7"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5000 Search vendor "Cisco" for product "Asr 5000"	-	-	Safe
Cisco Search vendor "Cisco"	Asr 5000 Firmware Search vendor "Cisco" for product "Asr 5000 Firmware"	21.3.0 Search vendor "Cisco" for product "Asr 5000 Firmware" and version "21.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5000 Search vendor "Cisco" for product "Asr 5000"	-	-	Safe
Cisco Search vendor "Cisco"	Asr 5000 Firmware Search vendor "Cisco" for product "Asr 5000 Firmware"	21.6.0 Search vendor "Cisco" for product "Asr 5000 Firmware" and version "21.6.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5000 Search vendor "Cisco" for product "Asr 5000"	-	-	Safe
Cisco Search vendor "Cisco"	Asr 5500 Firmware Search vendor "Cisco" for product "Asr 5500 Firmware"	21.1.v0.66836 Search vendor "Cisco" for product "Asr 5500 Firmware" and version "21.1.v0.66836"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5500 Search vendor "Cisco" for product "Asr 5500"	-	-	Safe
Cisco Search vendor "Cisco"	Asr 5500 Firmware Search vendor "Cisco" for product "Asr 5500 Firmware"	21.1.v7 Search vendor "Cisco" for product "Asr 5500 Firmware" and version "21.1.v7"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5500 Search vendor "Cisco" for product "Asr 5500"	-	-	Safe
Cisco Search vendor "Cisco"	Asr 5500 Firmware Search vendor "Cisco" for product "Asr 5500 Firmware"	21.3.0 Search vendor "Cisco" for product "Asr 5500 Firmware" and version "21.3.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5500 Search vendor "Cisco" for product "Asr 5500"	-	-	Safe
Cisco Search vendor "Cisco"	Asr 5500 Firmware Search vendor "Cisco" for product "Asr 5500 Firmware"	21.6.0 Search vendor "Cisco" for product "Asr 5500 Firmware" and version "21.6.0"	-	Affected	in	Cisco Search vendor "Cisco"	Asr 5500 Search vendor "Cisco" for product "Asr 5500"	-	-	Safe