cnvd - cnvd-2018-05338

cnvd-2018-05338

Vulnerability from cnvd

Title: Cisco StarOS文件覆盖漏洞

Description:

Cisco ASR 5000 Series Aggregation Services Routers是美国思科（Cisco）公司的一款5000系列安全路由器设备。Cisco StarOS operating system是一套运行在其中的虚拟化操作系统。

Cisco ASR 5000 Series Aggregation Services Routers中的Cisco StarOS操作系统的CLI存在文件覆盖漏洞，该漏洞源于程序未能充分的验证用户提交的输入。本地攻击者可通过向受影响的CLI命令注入特制的‘command’参数利用该漏洞覆盖或更改储存在闪存中的任意文件。

Severity: 中

Patch Name: Cisco StarOS文件覆盖漏洞的补丁

Patch Description:

Formal description:

厂商已发布漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr

Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr https://www.securityfocus.com/bid/103028

Impacted products

Name
['Cisco ASR 5000 Series Software 0', 'Cisco StarOS 0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "103028"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-0122"
    }
  },
  "description": "Cisco ASR 5000 Series Aggregation Services Routers\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e5000\u7cfb\u5217\u5b89\u5168\u8def\u7531\u5668\u8bbe\u5907\u3002Cisco StarOS operating system\u662f\u4e00\u5957\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u865a\u62df\u5316\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco ASR 5000 Series Aggregation Services Routers\u4e2d\u7684Cisco StarOS\u64cd\u4f5c\u7cfb\u7edf\u7684CLI\u5b58\u5728\u6587\u4ef6\u8986\u76d6\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u9a8c\u8bc1\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684CLI\u547d\u4ee4\u6ce8\u5165\u7279\u5236\u7684\u2018command\u2019\u53c2\u6570\u5229\u7528\u8be5\u6f0f\u6d1e\u8986\u76d6\u6216\u66f4\u6539\u50a8\u5b58\u5728\u95ea\u5b58\u4e2d\u7684\u4efb\u610f\u6587\u4ef6\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-05338",
  "openTime": "2018-03-15",
  "patchDescription": "Cisco ASR 5000 Series Aggregation Services Routers\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e5000\u7cfb\u5217\u5b89\u5168\u8def\u7531\u5668\u8bbe\u5907\u3002Cisco StarOS operating system\u662f\u4e00\u5957\u8fd0\u884c\u5728\u5176\u4e2d\u7684\u865a\u62df\u5316\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nCisco ASR 5000 Series Aggregation Services Routers\u4e2d\u7684Cisco StarOS\u64cd\u4f5c\u7cfb\u7edf\u7684CLI\u5b58\u5728\u6587\u4ef6\u8986\u76d6\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u5145\u5206\u7684\u9a8c\u8bc1\u7528\u6237\u63d0\u4ea4\u7684\u8f93\u5165\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684CLI\u547d\u4ee4\u6ce8\u5165\u7279\u5236\u7684\u2018command\u2019\u53c2\u6570\u5229\u7528\u8be5\u6f0f\u6d1e\u8986\u76d6\u6216\u66f4\u6539\u50a8\u5b58\u5728\u95ea\u5b58\u4e2d\u7684\u4efb\u610f\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco StarOS\u6587\u4ef6\u8986\u76d6\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco ASR 5000 Series Software 0",
      "Cisco StarOS 0"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr\r\nhttps://www.securityfocus.com/bid/103028",
  "serverity": "\u4e2d",
  "submitTime": "2018-02-08",
  "title": "Cisco StarOS\u6587\u4ef6\u8986\u76d6\u6f0f\u6d1e"
}

CVE-2018-0122 (GCVE-0-2018-0122)

Vulnerability from cvelistv5

Published

2018-02-08 07:00

Modified

2024-12-02 21:23

Severity ?

CWE

CWE-20

Summary

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1040340	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/103028	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers	Version: Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:14:16.822Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1040340",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040340"
          },
          {
            "name": "103028",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103028"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2018-0122",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-02T18:55:27.862053Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T21:23:01.542Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers"
            }
          ]
        }
      ],
      "datePublic": "2018-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-16T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1040340",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040340"
        },
        {
          "name": "103028",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103028"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2018-0122",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1040340",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040340"
            },
            {
              "name": "103028",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103028"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2018-0122",
    "datePublished": "2018-02-08T07:00:00",
    "dateReserved": "2017-11-27T00:00:00",
    "dateUpdated": "2024-12-02T21:23:01.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted