← Back

CVE-2019-1869

nvd nist
Published: Jun 20, 2019Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.

Affected (7)

Products: Cisco: Staros
Cisco
1 product
Staros
Configuration A
7 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Cisco
Staros
From 21.10 to 21.10.2
Staros
From 21.11 to 21.11.1
Staros
From 21.6 to 21.6.13
Staros
From 21.6b to 21.6b.16
Staros
From 21.7 to 21.7.11
Staros
From 21.8 to 21.8.10
Staros
From 21.9 to 21.9.7
Running on/withPlatform Versions
Cisco
Asr 5000
All versions
Cisco
Asr 5500
All versions
Cisco
Asr 5700
All versions

Related CWEs

CWE-824
Access of Uninitialized Pointer
The product accesses or uses a pointer that has not been initialized.

References (4)

Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.