CVE-2018-0122 : A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 50

A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to overwrite system files that are stored in the flash memory of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the affected operating system. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command for the affected operating system. A successful exploit could allow the attacker to overwrite or modify arbitrary files that are stored in the flash memory of an affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvf93335.

Published 2018-02-08 07:29:00

Updated 2020-09-04 17:15:35

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Input validation

Products affected by CVE-2018-0122

Cisco » Staros » Version: 21.3.0.67664
cpe:2.3:o:cisco:staros:21.3.0.67664:*:*:*:*:*:*:*
Matching versions
When used together with: Cisco » Asr 5000 » Version: N/A
When used together with: Cisco » Asr 5500 » Version: N/A
When used together with: Cisco » Asr 5700 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2018-0122

EPSS FAQ

0.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 29 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2018-0122

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.6	MEDIUM	AV:L/AC:L/Au:N/C:N/I:C/A:C	3.9	9.2	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Complete Availability Impact: Complete
4.4	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N	0.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None

CWE ids for CVE-2018-0122

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: ykramarz@cisco.com (Secondary)
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2018-0122

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-asr

Cisco StarOS for Cisco ASR 5000 Series Aggregation Services Routers File Overwrite Vulnerability
Vendor Advisory
http://www.securitytracker.com/id/1040340

Cisco ASR 5000 Series Router CLI Input Validation Flaw Lets Local Users Overwrite Files in Flash Memory on the Target System - SecurityTracker
Third Party Advisory;VDB Entry
http://www.securityfocus.com/bid/103028

Cisco StarOS CVE-2018-0122 Local Arbitrary File Overwrite Vulnerability
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2018-0122

Products affected by CVE-2018-0122

Exploit prediction scoring system (EPSS) score for CVE-2018-0122

CVSS scores for CVE-2018-0122

CWE ids for CVE-2018-0122

References for CVE-2018-0122