Details of VAR-201803-1377

ID

VAR-201803-1377

CVE

CVE-2018-0158

TITLE

Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Module Input Validation Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2018-08186 // CNNVD: CNNVD-201803-1032

DESCRIPTION

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394. Cisco IOS Software and Cisco IOS XE The software contains input validation vulnerabilities and resource management vulnerabilities. Vendors have confirmed this vulnerability Cisco Bug ID : CSCvf22394 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. InternetKeyExchangeVersion2(IKEv2)module is one of the network key exchange modules. The vulnerability stems from a program failing to properly handle IKEv2 packets

Trust: 2.61

sources: NVD: CVE-2018-0158 // JVNDB: JVNDB-2018-003521 // CNVD: CNVD-2018-08186 // BID: 103566 // VULHUB: VHN-118360 // VULMON: CVE-2018-0158

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-08186

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.9	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.5	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.8	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.12	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.10	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.7	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.2	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.11	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.4	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.12	Trust: 1.6
vendor:	cisco	model:	ios xe	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	ios	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.5\(3\)s1.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.11	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	15.5\(3\)s1.8	Trust: 1.0
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	asr series aggregation services routers	scope:	eq	version:	10000	Trust: 0.3

sources: CNVD: CNVD-2018-08186 // BID: 103566 // JVNDB: JVNDB-2018-003521 // CNNVD: CNNVD-201803-1032 // NVD: CVE-2018-0158

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-0158
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-0158
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-08186
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-1032
value:	HIGH
Trust: 0.6
VULHUB:	VHN-118360
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-0158
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-0158
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2018-08186
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-118360
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-0158
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	4.0
version:	3.1
Trust: 1.0
NVD:	CVE-2018-0158
baseSeverity:	HIGH
baseScore:	8.6
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2018-08186 // VULHUB: VHN-118360 // VULMON: CVE-2018-0158 // JVNDB: JVNDB-2018-003521 // CNNVD: CNNVD-201803-1032 // NVD: CVE-2018-0158

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	CWE-401	Trust: 1.0
problemtype:	CWE-399	Trust: 0.9
problemtype:	CWE-772	Trust: 0.1

sources: VULHUB: VHN-118360 // JVNDB: JVNDB-2018-003521 // NVD: CVE-2018-0158

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-1032

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201803-1032

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-003521

PATCH

title:	cisco-sa-20180328-ike	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-ike	Trust: 0.8
title:	Cisco IOS Software and IOSXESoftwareInternetKeyExchangeVersion2 Modules Enter Patches for Validation Vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/126845	Trust: 0.6
title:	Cisco IOS Software and IOS XE Software Internet Key Exchange Version 2 Fixes for module input validation vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79500	Trust: 0.6
title:	Cisco: Cisco IOS and IOS XE Software Internet Key Exchange Memory Leak Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180328-ike	Trust: 0.1
title:	Known Exploited Vulnerabilities Detector	url:	https://github.com/Ostorlab/KEV	Trust: 0.1

sources: CNVD: CNVD-2018-08186 // VULMON: CVE-2018-0158 // JVNDB: JVNDB-2018-003521 // CNNVD: CNNVD-201803-1032

EXTERNAL IDS

db:	NVD	id:	CVE-2018-0158	Trust: 3.5
db:	ICS CERT	id:	ICSA-18-107-04	Trust: 2.6
db:	ICS CERT	id:	ICSA-18-107-03	Trust: 2.6
db:	BID	id:	103566	Trust: 2.1
db:	SECTRACK	id:	1040595	Trust: 1.8
db:	JVNDB	id:	JVNDB-2018-003521	Trust: 0.8
db:	CNNVD	id:	CNNVD-201803-1032	Trust: 0.7
db:	CNVD	id:	CNVD-2018-08186	Trust: 0.6
db:	VULHUB	id:	VHN-118360	Trust: 0.1
db:	VULMON	id:	CVE-2018-0158	Trust: 0.1

sources: CNVD: CNVD-2018-08186 // VULHUB: VHN-118360 // VULMON: CVE-2018-0158 // BID: 103566 // JVNDB: JVNDB-2018-003521 // CNNVD: CNNVD-201803-1032 // NVD: CVE-2018-0158

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-ike	Trust: 2.7
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-107-03	Trust: 2.7
url:	https://ics-cert.us-cert.gov/advisories/icsa-18-107-04	Trust: 2.6
url:	http://www.securityfocus.com/bid/103566	Trust: 1.9
url:	http://www.securitytracker.com/id/1040595	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0158	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-0158	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/772.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180328-ike	Trust: 0.1
url:	https://github.com/ostorlab/kev	Trust: 0.1

sources: CNVD: CNVD-2018-08186 // VULHUB: VHN-118360 // VULMON: CVE-2018-0158 // BID: 103566 // JVNDB: JVNDB-2018-003521 // CNNVD: CNNVD-201803-1032 // NVD: CVE-2018-0158

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 103566

SOURCES

db:	CNVD	id:	CNVD-2018-08186
db:	VULHUB	id:	VHN-118360
db:	VULMON	id:	CVE-2018-0158
db:	BID	id:	103566
db:	JVNDB	id:	JVNDB-2018-003521
db:	CNNVD	id:	CNNVD-201803-1032
db:	NVD	id:	CVE-2018-0158

LAST UPDATE DATE

2024-11-23T21:39:32.331000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-08186	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118360	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-0158	date:	2019-10-09T00:00:00
db:	BID	id:	103566	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003521	date:	2018-05-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-1032	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-0158	date:	2024-11-21T03:37:37.910

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-08186	date:	2018-04-24T00:00:00
db:	VULHUB	id:	VHN-118360	date:	2018-03-28T00:00:00
db:	VULMON	id:	CVE-2018-0158	date:	2018-03-28T00:00:00
db:	BID	id:	103566	date:	2018-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-003521	date:	2018-05-25T00:00:00
db:	CNNVD	id:	CNNVD-201803-1032	date:	2018-03-29T00:00:00
db:	NVD	id:	CVE-2018-0158	date:	2018-03-28T22:29:00.547