Access of Uninitialized Pointer
CVE-2019-1869
Summary
A vulnerability in the internal packet-processing functionality of the Cisco StarOS operating system running on virtual platforms could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service interface from receiving any traffic, which would lead to a DoS condition on the affected interface. The device may have to be manually reloaded to recover from exploitation of this vulnerability.
- LOW
- NETWORK
- NONE
- CHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-824 - Access of Uninitialized Pointer
The program accesses or uses a pointer that has not been initialized.
References
Advisory Timeline
- Published