var-201504-0290
Vulnerability from variot
The hamgr service in the IPv6 Proxy Mobile (PM) implementation in Cisco StarOS 18.1.0.59776 on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and call-processing outage) via malformed PM packets, aka Bug ID CSCut94711. Vendors have confirmed this vulnerability Bug ID CSCut94711 It is released as.Malformed by a third party PM Service disruption via packets ( Reload services and stop call processing ) There is a possibility of being put into a state. The Cisco ASR 5000 Series is a 5000 series wireless controller product from Cisco. StarOS is a virtualized operating system that dynamically allocates resources for mobile services and networks running in the 5000 Series wireless controller products. Successful exploitation of the issue will cause the device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCut94711
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201504-0290", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "staros", scope: "eq", trust: 3, vendor: "cisco", version: "18.1.0.59776", }, { model: "asr 5000 router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "asr 5500 router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "asr 5700 router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "asr series software", scope: "eq", trust: 0.3, vendor: "cisco", version: "500018.1.0.59776", }, { model: "asr series software", scope: "eq", trust: 0.3, vendor: "cisco", version: "500018.1", }, ], sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "BID", id: "74388", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, { db: "NVD", id: "CVE-2015-0711", }, { db: "CNNVD", id: "CNNVD-201504-571", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:cisco:staros:18.1.0.59776:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:cisco:asr_5700:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:asr_5500:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:h:cisco:asr_5000:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2015-0711", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco", sources: [ { db: "BID", id: "74388", }, ], trust: 0.3, }, cve: "CVE-2015-0711", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 5, confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2015-0711", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2015-02815", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-78657", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2015-0711", trust: 1.8, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2015-02815", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201504-571", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-78657", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "VULHUB", id: "VHN-78657", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, { db: "NVD", id: "CVE-2015-0711", }, { db: "CNNVD", id: "CNNVD-201504-571", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The hamgr service in the IPv6 Proxy Mobile (PM) implementation in Cisco StarOS 18.1.0.59776 on ASR 5000 devices allows remote attackers to cause a denial of service (service reload and call-processing outage) via malformed PM packets, aka Bug ID CSCut94711. Vendors have confirmed this vulnerability Bug ID CSCut94711 It is released as.Malformed by a third party PM Service disruption via packets ( Reload services and stop call processing ) There is a possibility of being put into a state. The Cisco ASR 5000 Series is a 5000 series wireless controller product from Cisco. StarOS is a virtualized operating system that dynamically allocates resources for mobile services and networks running in the 5000 Series wireless controller products. \nSuccessful exploitation of the issue will cause the device to reload, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCut94711", sources: [ { db: "NVD", id: "CVE-2015-0711", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, { db: "CNVD", id: "CNVD-2015-02815", }, { db: "BID", id: "74388", }, { db: "VULHUB", id: "VHN-78657", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2015-0711", trust: 3.4, }, { db: "SECTRACK", id: "1032213", trust: 1.1, }, { db: "BID", id: "74388", trust: 1, }, { db: "JVNDB", id: "JVNDB-2015-002512", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201504-571", trust: 0.7, }, { db: "CNVD", id: "CNVD-2015-02815", trust: 0.6, }, { db: "VULHUB", id: "VHN-78657", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "VULHUB", id: "VHN-78657", }, { db: "BID", id: "74388", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, { db: "NVD", id: "CVE-2015-0711", }, { db: "CNNVD", id: "CNNVD-201504-571", }, ], }, id: "VAR-201504-0290", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "VULHUB", id: "VHN-78657", }, ], trust: 0.06999999999999999, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, ], }, last_update_date: "2023-12-18T12:20:55.998000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "38557", trust: 0.8, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=38557", }, { title: "Cisco ASR 5000 Series StarOS Denial of Service Vulnerability Patch", trust: 0.6, url: "https://www.cnvd.org.cn/patchinfo/show/57892", }, ], sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-399", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-78657", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, { db: "NVD", id: "CVE-2015-0711", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.6, url: "http://tools.cisco.com/security/center/viewalert.x?alertid=38557", }, { trust: 1.4, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0711", }, { trust: 1.1, url: "http://www.securitytracker.com/id/1032213", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0711", }, { trust: 0.3, url: "http://www.cisco.com/", }, ], sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "VULHUB", id: "VHN-78657", }, { db: "BID", id: "74388", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, { db: "NVD", id: "CVE-2015-0711", }, { db: "CNNVD", id: "CNNVD-201504-571", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "VULHUB", id: "VHN-78657", }, { db: "BID", id: "74388", }, { db: "JVNDB", id: "JVNDB-2015-002512", }, { db: "NVD", id: "CVE-2015-0711", }, { db: "CNNVD", id: "CNNVD-201504-571", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-04-30T00:00:00", db: "CNVD", id: "CNVD-2015-02815", }, { date: "2015-04-29T00:00:00", db: "VULHUB", id: "VHN-78657", }, { date: "2015-04-28T00:00:00", db: "BID", id: "74388", }, { date: "2015-04-30T00:00:00", db: "JVNDB", id: "JVNDB-2015-002512", }, { date: "2015-04-29T01:59:03.183000", db: "NVD", id: "CVE-2015-0711", }, { date: "2015-04-29T00:00:00", db: "CNNVD", id: "CNNVD-201504-571", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-04-30T00:00:00", db: "CNVD", id: "CNVD-2015-02815", }, { date: "2015-09-10T00:00:00", db: "VULHUB", id: "VHN-78657", }, { date: "2015-04-28T00:00:00", db: "BID", id: "74388", }, { date: "2015-04-30T00:00:00", db: "JVNDB", id: "JVNDB-2015-002512", }, { date: "2015-09-10T16:07:19.700000", db: "NVD", id: "CVE-2015-0711", }, { date: "2015-04-29T00:00:00", db: "CNNVD", id: "CNNVD-201504-571", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201504-571", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco ASR 5000 Series StarOS Denial of Service Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2015-02815", }, { db: "CNNVD", id: "CNNVD-201504-571", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-201504-571", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.